| Version | Supported |
|---|---|
| 1.x.x | ✅ |
| < 1.0 | ❌ |
We take the security of our software seriously. If you believe you have found a security vulnerability in our project, please report it to us as described below.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report them by emailing the lead maintainer at neozero3303@gmail.com.
Please include the following information in your report:
- Description of the vulnerability
- Steps to reproduce the vulnerability
- Potential impact of the vulnerability
- Any possible mitigations you've identified
We aim to respond to security reports within 48 hours and will strive to provide a fix within 30 days.
Security updates will be released as patch versions and will be announced through our standard communication channels.
When deploying this application, please consider the following security best practices:
- Always use strong, unique passwords
- Enable two-factor authentication
- Keep all dependencies up to date
- Use HTTPS in production
- Regularly backup your data
- Restrict access to sensitive configuration files
- Monitor logs for suspicious activity
All data transmission is encrypted using TLS. Sensitive data at rest should be encrypted according to your organization's security policies.
We regularly review our dependencies for security vulnerabilities. If you discover a vulnerability in a third-party dependency, please follow the same reporting process.
Thank you for helping to keep our project and its users safe.