If you discover a security vulnerability in UniFi Network Rules, please report it responsibly — do not open a public GitHub issue.
- Email: Send a detailed description to the maintainer via GitHub private vulnerability reporting.
- Include:
- A description of the vulnerability and its potential impact
- Steps to reproduce the issue
- Any suggested fixes (optional but appreciated)
| Stage | Timeframe |
|---|---|
| Acknowledgement | Within 72 hours |
| Initial assessment | Within 1 week |
| Fix or mitigation | Best effort, depends on severity |
| Version | Supported |
|---|---|
| 4.x (latest) | ✅ Active |
| 3.x | |
| < 3.0 | ❌ No longer supported |
We recommend always running the latest release available through HACS.
- Local authentication only — the integration connects directly to your UniFi device's local API. No cloud accounts or third-party services are involved.
- Credentials stay local — your username and password are stored in Home Assistant's encrypted config entries, never transmitted externally.
- SSL verification — optional SSL certificate verification is available for environments with trusted certificates.
- No telemetry — the integration does not collect or transmit usage data.
This policy covers the custom_components/unifi_network_rules integration code. Issues with the UniFi controller itself, Home Assistant core, or the aiounifi library should be reported to their respective maintainers.
- README — Project overview
- Contributing — Development guidelines
- Quick Start — Installation and setup