Use this section to tell people about which versions of your project are currently being supported with security updates.
| Version | Supported |
|---|---|
| 1.0.x | ✅ |
If you discover a security vulnerability within this project, please send an email to [INSERT EMAIL]. All security vulnerabilities will be promptly addressed.
Please include the following information in your report:
- Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.)
- Full paths of source file(s) related to the vulnerability
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the issue, including how an attacker might exploit it
This information will help us quickly assess and address the vulnerability.
- You will receive an acknowledgment within 48 hours
- We will investigate and provide updates on our progress
- Once the issue is confirmed, we will work on a fix
- We will coordinate the disclosure with you
When we receive a security bug report, we will:
- Confirm the problem and determine the affected versions
- Audit code to find any similar problems
- Prepare fixes for all supported versions
- Release new versions and update the security advisory
When contributing to this project, please:
- Follow secure coding practices
- Validate all user inputs
- Use HTTPS for all external links
- Keep dependencies updated
- Review code for potential security issues