Security: VoxDroid/bldrx

Security Policy

Supported Versions

bldrx is actively maintained and security updates are provided for recent releases. We recommend using the latest release to ensure you have current security fixes.

Reporting a Vulnerability

If you discover a security vulnerability in bldrx, we encourage responsible disclosure to protect our users. We take security seriously and appreciate your help in keeping the project safe.

How to Report

  • Preferred Method: Email the maintainers at izeno.contact@gmail.com with a detailed description of the vulnerability. Please include:
    • A clear explanation of the issue (e.g., potential data leak, injection vulnerability).
    • Steps to reproduce the issue, if known.
    • The potential impact (e.g., unauthorized access, data exposure).
    • Any suggested mitigations, if applicable.
  • Alternative: Use the Security Report issue template on our Issues page. However, we strongly recommend private reporting via email to avoid public disclosure before a fix is available.
  • Sensitive Matters: For highly sensitive issues, you may open a private issue labeled "Security Violation" on the Issues page, visible only to maintainers.

What to Expect

  • Acknowledgment: We will acknowledge your report within 48 hours.
  • Investigation: We will investigate and validate the issue within 7 days, prioritizing critical vulnerabilities.
  • Resolution: If confirmed, we will develop and release a fix as soon as possible, typically within 14 days for critical issues. We will keep you updated on progress.
  • Disclosure: We will coordinate with you on public disclosure after a fix is deployed, if necessary.
  • Credit: With your permission, we will credit you in release notes or a security advisory for your responsible disclosure.

Guidelines

  • Responsible Disclosure: Do not publicly share details of the vulnerability until we have addressed it.
  • No Exploitation: Avoid exploiting vulnerabilities in ways that harm users, creators, or the project (e.g., unauthorized data access or disruption).
  • Ethical Use: Respect intellectual property rights and avoid adding templates or tooling that facilitate illegal activity or violate platform terms; consult the project README for guidance.
  • Follow Community Standards: Adhere to our Contributing Guidelines and Code of Conduct. Do not include unverified links or promotional content in reports, as they will be considered spam and may lead to restrictions.

Security Best Practices

To use bldrx securely:

  • Always use the latest release (check the Releases page).
  • Keep your Python environment and dependencies up to date.
  • Run operations in a secure environment, avoid exposing credentials, and avoid executing untrusted templates or code.
  • Follow the project’s documentation and guidelines in README.md and CONTRIBUTING.md.

Contact

For security-related questions or follow-ups, email izeno.contact@gmail.com or open a private issue labeled "Security Violation."

Thank you for helping keep bldrx and its community safe!

There aren’t any published security advisories