We take the security of this project seriously. If you believe you have found a security vulnerability, please report it to us following the guidelines below. We appreciate your effort and responsible disclosure.
Please do not open a public GitHub issue for security-related concerns.
To report a security vulnerability, you can either:
- Email: Send an email to [email protected] with your findings.
- Secure Form: Use our secure form to submit your report.
When reporting, please provide the following information:
- A detailed description of the vulnerability, including steps to reproduce if possible.
- Information about the affected versions or components.
- Any potential mitigations or workarounds you can suggest.
Once we receive the report, we will acknowledge its receipt within X business days and work on evaluating the issue. We will keep you informed of the progress and let you know when it's resolved.
This security policy applies to all versions of the project.
- Acknowledgment: We will acknowledge the receipt of your report within X business days.
- Assessment: Our team will evaluate the vulnerability to determine its impact and validity.
- Resolution: We will work on resolving the vulnerability, and the timeline for the fix will depend on the severity.
- Public Disclosure: Once the vulnerability is fixed and verified, we will release a security advisory to the public.
- Follow secure coding practices and avoid common vulnerabilities like SQL injection, cross-site scripting (XSS), etc.
- Ensure that authentication mechanisms are robust and implement proper access controls.
- Regularly update dependencies to avoid known security issues.
We provide security updates for the following versions:
| Version | Supported |
|---|---|
| X.Y.Z | ✅ |
| X.Y | ❌ |
| X | ❌ |
We would like to thank the following individuals for their contributions in responsibly disclosing security vulnerabilities:
If you would like to be credited for your report, please let us know when you submit the vulnerability.
By participating in this responsible disclosure process, you agree to adhere to the guidelines outlined above. We will not take legal action against individuals who report security vulnerabilities following these guidelines.