Security: dewstouh/niby-discord-bot

SECURITY.md

Security Policy

Supported Versions

We actively support the following versions of the Niby Discord Bot:

| Version | Supported |
|---------|-----------|
| 1.x.x   | ✅        |
| < 1.0   | ❌        |

Reporting a Vulnerability

We take security seriously. If you discover a security vulnerability, please follow these steps:

🚨 For Critical Security Issues

DO NOT create a public GitHub issue for security vulnerabilities.

Instead, please report security vulnerabilities by:

  1. Email: Contact us directly at [email protected]
  2. Discord: Send a direct message to dewstouh on our Discord Server
  3. GitHub Security: Use GitHub's private vulnerability reporting feature

📋 What to Include

When reporting a security vulnerability, please include:

  • Description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact of the vulnerability
  • Suggested fix (if you have one)
  • Your contact information for follow-up

🔄 Response Timeline

  • Initial Response: Within 24-48 hours
  • Status Update: Within 7 days
  • Fix Timeline: Varies based on severity, but we aim for:
    • Critical: 1-3 days
    • High: 1-2 weeks
    • Medium: 2-4 weeks
    • Low: Next scheduled release

πŸ›‘οΈ Security Best Practices

When using this bot, please:

  • Keep your bot token secure: never share it publicly or commit it to the repository
  • Use environment variables for sensitive configuration
  • Regularly update to the latest version
  • Review permissions given to the bot
  • Monitor logs for suspicious activity
  • Use strong passwords for database connections
  • Enable 2FA on your Discord account

πŸ† Recognition

We appreciate security researchers who help keep our project safe. Contributors who report valid security vulnerabilities will be:

  • Credited in our security acknowledgments (unless you prefer to remain anonymous)
  • Given a special role in our Discord server
  • Mentioned in release notes (for non-sensitive fixes)

📞 Contact Information

Thank you for helping keep the Niby Discord Bot secure!