The team takes the security of our project seriously. We appreciate your efforts to responsibly disclose your findings, and we will make every effort to acknowledge your contributions.
If you discover a security vulnerability, please report it to us privately. Do not create a public GitHub issue.
We encourage you to report vulnerabilities through GitHub's Private Vulnerability Reporting feature. You can do this by going to the "Security" tab of our repository and clicking on "Report a vulnerability".
Alternatively, you can email us at [sir.akashaman@gmail.com].
To help us understand and resolve the issue quickly, please include the following in your report:
- A clear and concise description of the vulnerability.
- The commit hash of the version that is affected.
- Step-by-step instructions to reproduce the issue.
- Any proof-of-concept code, screenshots, or videos that demonstrate the vulnerability.
- If you have a proposed fix, please include it.
When you report a vulnerability to us, you can expect the following:
- We will acknowledge receipt of your report within 48 hours.
- We will provide you with an estimated timeline for addressing the vulnerability.
- We will notify you when the vulnerability has been fixed.
- We will publicly credit you for your discovery, unless you prefer to remain anonymous.
We aim to resolve critical vulnerabilities as quickly as possible.
As this project has not yet had a formal release, we only provide security support for the latest commit on the main branch.
| Version | Supported |
|---|---|
| latest | ✅ |
This security policy applies to the code and dependencies within this repository. If you believe you have found a vulnerability in a third-party library that we use, please report it to the maintainers of that library.
Thank you for helping keep our project and its users safe.