Security: saymyframe/smf_flutter_cli

SECURITY.md

Security Policy

Supported Versions

Use this section to tell people about which versions of your project are currently being supported with security updates.

Version Supported
0.1.x

Reporting a Vulnerability

We take security vulnerabilities seriously. If you discover a security vulnerability in SMF Flutter CLI, please follow these steps:

1. DO NOT create a public GitHub issue

Security vulnerabilities should not be disclosed publicly until they are fixed.

2. Email us directly

Send an email to security@saymyframe.com with the following information:

  • Subject: [SECURITY] SMF Flutter CLI - [Brief Description]
  • Description: Detailed description of the vulnerability
  • Steps to reproduce: Clear steps to reproduce the issue
  • Impact: Potential impact of the vulnerability
  • Suggested fix: If you have any suggestions for fixing the issue

3. What happens next?

  1. Acknowledgment: You will receive an acknowledgment within 48 hours
  2. Investigation: Our security team will investigate the report
  3. Fix development: We will develop a fix if the vulnerability is confirmed
  4. Release: A security patch will be released
  5. Disclosure: The vulnerability will be disclosed publicly after the fix is available

4. Timeline

  • Critical vulnerabilities: Fixed within 7 days
  • High severity: Fixed within 14 days
  • Medium severity: Fixed within 30 days
  • Low severity: Fixed within 90 days

Security Best Practices

When using SMF Flutter CLI:

  1. Keep dependencies updated: Regularly update your Flutter SDK and dependencies
  2. Review generated code: Always review generated code before deploying to production
  3. Use secure configurations: Follow security best practices for your specific use case
  4. Report issues: Report any security concerns immediately

Responsible Disclosure

We appreciate security researchers who follow responsible disclosure practices. We will:

  • Credit researchers in our security advisories
  • Work collaboratively to fix issues
  • Provide reasonable time for fixes before public disclosure

Contact

Thank you for helping keep SMF Flutter CLI secure!

There aren’t any published security advisories