Security Policy
Supported Versions
My commitment to security extends to the following version of the project:
| Version | Supported |
|---|---|
| @latest | :white_check_mark: |
Reporting a Vulnerability
I greatly value the security community’s efforts in helping keep my project safe. If you’ve discovered a security vulnerability, the responsible disclosure is crucial for us. Here’s how you can report it:
- Contact Method: Email us at blefnk@gmail.com.
- Email Subject: Please use a concise yet descriptive subject, such as “Security Vulnerability Found”.
- Vulnerability Details: Provide a comprehensive description of the vulnerability. Include reproduction steps, and any other information that might help us understand and resolve the issue effectively.
- Proof of Concept: Attach any proof-of-concept or sample code if available. Please ensure that the research does not involve destructive testing or violate any laws.
- Encryption: For secure communication, use my public PGP key available on my website or public key servers.
- Response Timeline: I aim to acknowledge the report within [e.g., 48 hours] and will keep you updated on my progress.
- Investigation and Remediation: My team will promptly investigate and work on resolving the issue. We’ll maintain communication with you throughout this process.
- Disclosure Policy: Please refrain from public disclosure until I have mitigated the vulnerability. I will collaborate with you to decide on an appropriate disclosure timeline, considering the issue’s severity.
We’re grateful for the contributions to my project’s security. Contributors who help improve my security may be publicly acknowledged (with consent).
Note: My security policy may be updated periodically.