The Argenta team takes security seriously. We appreciate your efforts to responsibly disclose your findings, and we will make every effort to acknowledge your contributions.
This table shows the versions of Argenta that are currently supported with security updates.
| Version | Supported |
|---|---|
| 1.1.x | ✅ |
| < 1.1 | ❌ |
If you believe you have found a security vulnerability in Argenta, please report it to us through one of the following methods:
- Email: Send a detailed report to kolo.is.main@gmail.com.
- GitHub Security Advisories: You can create a new security advisory directly in the Argenta repository.
Please do not report security vulnerabilities through public GitHub issues.
To help us understand and resolve the issue quickly, please include the following information in your report:
- A clear and descriptive title.
- The affected version(s) of Argenta.
- A detailed description of the vulnerability.
- Step-by-step instructions to reproduce the issue (a Proof-of-Concept).
- The potential impact of the vulnerability.
- Any suggested mitigations or fixes, if you have any.
You can expect a response from us within 48 hours to acknowledge receipt of your report.
- Upon receiving a vulnerability report, we will assign it to a team member and begin our investigation.
- We will confirm the vulnerability and determine its severity.
- We will work on a patch to address the issue.
- Once the patch is ready, we will coordinate with you to schedule a release and a public disclosure. We prefer to disclose vulnerabilities through a GitHub Security Advisory.
- We will credit you for your discovery in the advisory, unless you prefer to remain anonymous.
If you use Argenta, we recommend the following best practices to keep your application secure:
- Always use the latest version of Argenta.
- Regularly scan your project's dependencies for known vulnerabilities.
- If your application handles sensitive data, ensure it is stored and transmitted securely.
Currently, we do not have a formal bug bounty program. However, we deeply appreciate the work of security researchers and may offer non-monetary recognition for significant contributions.