Thank you for helping us make this project better and more secure!
We take security seriously and appreciate your efforts to responsibly disclose vulnerabilities.
We currently maintain the latest version of the project. Please make sure you're using the latest release before reporting issues.
| Version | Supported |
|---|---|
| Latest | β |
| Older | β |
If you discover a vulnerability in this project, we ask you to follow responsible disclosure practices:
- Do not open a public GitHub issue.
- Instead, please contact us privately via email at:
- Include as much detail as possible:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (optional but helpful)
You may report vulnerabilities related to:
- Code injection (e.g., XSS, command injection)
- Sensitive data exposure
- Authorization or authentication issues
- Malicious file uploads
- Any functionality that compromises user data or system integrity
β Please do not report:
- UI/UX suggestions
- Typos or minor styling issues
- Outdated dependencies without known vulnerabilities
We aim to respond to all valid security reports within 48 hours.
Once confirmed, we will work on a fix and release a patch as soon as possible, crediting the reporter (if they wish).
Thanks for helping us protect our users and improve the open-source ecosystem!
Your efforts make this project safer and better for everyone. β€οΈ