If you discover a security vulnerability within this repository, please follow these steps:
-
Do not disclose the vulnerability publicly.
- Publicly disclosing a vulnerability can put users at risk. Please refrain from sharing the details of the vulnerability in public forums, issue trackers, or any other public channels.
-
Send an email to the security team.
- Please report the vulnerability to our security team via email at [guanshiyinnn@gmail.com]. Include as much detail as possible about the vulnerability and any potential fixes.
-
Provide detailed information.
- When reporting the vulnerability, please include the following information:
- A description of the vulnerability and its impact.
- Steps to reproduce the vulnerability.
- Any potential fixes or suggestions for mitigation.
- When reporting the vulnerability, please include the following information:
-
Expect a response within 48 hours.
- We will acknowledge receipt of your report within 48 hours and will provide a detailed response within 7 days, including an estimate for when a fix will be implemented.
-
Receive recognition for your contribution.
- Once the vulnerability is resolved, we will credit you for your discovery in the release notes, unless you prefer to remain anonymous.
We will issue security updates for supported versions of our project as soon as possible after a vulnerability is reported and verified. Our goal is to ensure the safety and security of our users at all times.
By following this Security Policy, you help us maintain a secure and reliable project for everyone. Thank you for your cooperation and contribution to the security of our project.
If you have any questions or need further assistance, please contact us at [guanshiyinnn@gmail.com].