We take security seriously and support the following versions with security updates:
| Version | Supported |
|---|---|
| Latest | ✅ |
| < Latest | ❌ |
We encourage responsible disclosure of security vulnerabilities. Please follow these steps:
- DO NOT create a public GitHub issue for security vulnerabilities
- Send an email to: [email protected]
- Include the following information:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: Within 24 hours
- Initial Assessment: Within 72 hours
- Regular Updates: Every 7 days until resolved
- Resolution Target: 30 days for critical issues, 90 days for others
- We will acknowledge receipt of your report
- We will investigate and validate the issue
- We will work on a fix and coordinate disclosure
- We will credit you for the discovery (if desired)
- Keep dependencies up to date
- Follow secure coding practices
- Use environment variables for sensitive data
- Never commit secrets or credentials
- Enable 2FA on your GitHub account
- Always use the latest version
- Report suspicious behavior
- Follow principle of least privilege
- Regularly update dependencies
For security-related questions: [email protected] For general questions: [email protected]
Last Updated: {datetime.now().strftime('%Y-%m-%d')} Version: 1.0