If you discover a security vulnerability, please report it responsibly.
Email: security@YOUR_DOMAIN.com
Please include:
- Description of the vulnerability
- Steps to reproduce
- Impact assessment
- Proof of concept (if available)
Do not open a public GitHub issue for security vulnerabilities.
- We will acknowledge your report within 48 hours
- We will provide a detailed response within 7 days
- We will work to remediate confirmed vulnerabilities promptly
- We will keep you informed of our progress
- Denial of service attacks
- Social engineering
- Attacks requiring physical access
- Vulnerabilities in third-party dependencies (report upstream)
- Issues already reported
| Version | Supported |
|---|---|
| latest | Yes |
| < latest | No |
We ask that you give us a reasonable window (90 days) to address the issue before public disclosure.
We will credit researchers who report valid vulnerabilities (unless you prefer to remain anonymous).