chore: fix eslint issues

Author: muhsin-k

ReactotronConfig.js

@@ -2,8 +2,11 @@ import Reactotron from 'reactotron-react-native';
 // Don't remove this import, this is used by reactotron-redux only in dev mode
 import { reactotronRedux } from 'reactotron-redux';
 
+// For viewing the state you need to select State tab on the side,
+// press CMD + N and press enter. This will create a new subscription to your app state.
+// Once you reload the app the entire state will show up along with actions in timeline.
 const reactotron = Reactotron.useReactNative() // add all built-in react native plugins
   .use(reactotronRedux())
   .connect(); //Don't forget about me!
 
-export default reactotron;
+export default reactotron;

SECURITY.md

@@ -1,31 +1,56 @@
-# Security Policy
-Chatwoot is looking forward to working with security researchers across the world to keep Chatwoot and our users safe. If you have found an issue in our systems/applications, please reach out to us.
+Chatwoot is looking forward to working with security researchers worldwide to keep Chatwoot and our users safe. If you have found an issue in our systems/applications, please reach out to us.
 
 ## Reporting a Vulnerability
 
-We use [huntr.dev](https://huntr.dev/) for security issues that affect our project. If you believe you have found a vulnerability, please disclose it via this [form](https://huntr.dev/bounties/disclose). 
+We use Github to track the security issues that affect our project. If you believe you have found a vulnerability, please disclose it via this [form](https://github.com/chatwoot/chatwoot/security/advisories/new). This will enable us to review the vulnerability, fix it promptly, and reward you for your efforts.
 
-This will enable us to review the vulnerability, fix it promptly, and reward you for your efforts.
+If you have any questions about the process, contact [email protected]. 
 
-If you have any questions about the process, feel free to reach out to [email protected].
+Please try your best to describe a clear and realistic impact for your report, and please don't open any public issues on GitHub or social media; we're doing our best to respond through Github as quickly as possible.
 
+> Note: Please use the email for questions related to the process. Disclosures should be done via [Github](https://github.com/chatwoot/chatwoot/security/advisories/new)
+## Supported versions
 
-## Out of scope
+| Version | Supported        |
+| ------- | --------------   |
+| latest   | ️✅               |
+| <latest   | ❌               |
 
-Please do not perform testing against Chatwoot production services. Use a self hosted instance to perform tests.
 
-We consider the following to be out of scope, though there may be exceptions.
+## Vulnerabilities we care about 🫣
+> Note: Please do not perform testing against Chatwoot production services. Use a `self-hosted instance` to perform tests.
+- Remote command execution
+- SQL Injection
+- Authentication bypass
+- Privilege Escalation
+- Cross-site scripting (XSS)
+- Performing limited admin actions without authorization
+- CSRF
+
+You can learn more about our triaging process [here](https://www.chatwoot.com/docs/contributing-guide/security-reports).
+
+## Non-Qualifying Vulnerabilities
+
+We consider the following out of scope, though there may be exceptions.
 
 - Missing HTTP security headers
-- Self XSS
-- HTTP Host Header XSS without working proof-of-concept
+- Incomplete/Missing SPF/DKIM
+- Reports from automated tools or scanners
+- Theoretical attacks without proof of exploitability
+- Social engineering
+- Reflected file download
+- Physical attacks
+- Weak SSL/TLS/SSH algorithms or protocols
+- Attacks involving physical access to a user's device or a device or network that's already seriously compromised (e.g., man-in-the-middle).
+- The user attacks themselves
 - Incomplete/Missing SPF/DKIM
 - Denial of Service attacks
+- Brute force attacks
 - DNSSEC
-- Social Engineering attacks
 
-If you are not sure about the scope, please create a report.
+If you are unsure about the scope, please create a [report](https://github.com/chatwoot/chatwoot/security/advisories/new).
+
 
 ## Thanks
 
-Thank you for keeping Chatwoot and our users safe. 🙇
+Thank you for keeping Chatwoot and our users safe. 🙇