Use this section to tell people about which versions of your project are currently being supported with security updates.
| Version | Supported |
|---|---|
| 0.2.x | ✅ |
| 0.1.x | ❌ |
- This extension handles file contents within your Visual Studio Code environment
- No data is transmitted externally
- All operations are performed locally on your machine
- The extension only accesses files that are already open in your editor
- When clipboard mode is enabled, the extension will write to your system clipboard
- Clipboard access is only activated when explicitly triggered by user action
- No automatic or background clipboard operations are performed
- The extension only reads files that are already open in VS Code
- No write operations are performed on your files
- The extension respects VS Code's file access permissions
We take the security of Copy All Tabs to New Tab Extension seriously. If you believe you have found a security vulnerability, please follow these steps:
- Do Not disclose the vulnerability publicly
- Do send a detailed report privately to:
- Email: copytabssecurity@prodypanda.com
- Or create a private security advisory on our GitHub repository
- Type of issue (e.g., buffer overflow, SQL injection, cross-site scripting, etc.)
- Full paths of source file(s) related to the manifestation of the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the issue, including how an attacker might exploit it
- You'll receive an acknowledgment within 48 hours
- We'll investigate and keep you updated on our findings
- Once we have a fix, we'll coordinate with you on disclosure
- The vulnerability will be disclosed publicly once a fix is available
- You'll be credited in our release notes (unless you prefer to remain anonymous)
-
Keep VS Code Updated
- Ensure you're using the latest version of Visual Studio Code
- Keep all extensions, including Copy All Tabs, updated
-
Be Mindful of Clipboard Content
- When using clipboard mode, be aware that sensitive code may be copied to your system clipboard
- Clear your clipboard after copying sensitive information
-
Review Before Sharing
- Always review the content generated by the extension before sharing it with others
- Be cautious when sharing code that might contain sensitive information
Our development process follows these security practices:
-
Code Review
- All changes undergo peer review
- Security implications are explicitly considered
-
Dependencies
- Regular audits of dependencies
- Automated vulnerability scanning in our CI/CD pipeline
-
Testing
- Automated tests for security-sensitive functionality
- Manual security testing before releases
This extension doesn't use external services or APIs. All operations are performed locally within VS Code.
To ensure you're using a legitimate version of our extension:
- Install only from the official Visual Studio Code Marketplace
- Verify the publisher name is "Prodypanda"
- Check that the extension ID is "copytabs"
For any security-related questions, contact:
- Primary: copytabssecurity@prodypanda.com
- Secondary: Create a private issue on our GitHub repository
We appreciate the security research community and believe in responsible disclosure. Researchers who report vulnerabilities will be credited (with permission) in our release notes and security advisories.
Last updated: 2024-10-07