If you discover a security vulnerability in this project, please report it through the GitHub Security Advisories page.
Important
Do not create a public issue for security vulnerabilities.
When reporting, please include:
- A detailed description of the vulnerability.
- Steps to reproduce the issue (if applicable).
- Potential impact of the vulnerability.
I will review and respond to all reported vulnerabilities as quickly as possible.
Upon confirming the issue, I will take appropriate action to mitigate it and notify users accordingly.
This project is open-source, and the latest commit represents the only supported version. Any vulnerabilities reported and resolved will be addressed in the latest commit.
- Code Reviews: All pull requests should undergo thorough review to catch potential security issues.
- Sensitive Data: Avoid committing sensitive information such as passwords, API keys, or credentials.
- Dependencies: Ensure all external libraries or dependencies are up-to-date to minimize security risks.
- Secrets Management: Use appropriate secrets management solutions, such as environment variables or GitHub Secrets, rather than hard-coding sensitive data.
- Regular Scans: Utilize tools like GitHub's Dependabot to scan for vulnerabilities in dependencies.
For security-related concerns, please report vulnerabilities via the GitHub Security Advisories. For other questions, feel free to reach out via project discussions, email or any other contact method listed here.