We take the security of our project seriously. If you discover a vulnerability, we encourage you to report it responsibly so we can address it promptly.
- Navigate to the Security tab of this repository.
- Click on "Report a Vulnerability" to open the GitHub Security Advisories form.
- Fill out the form with as much detail as possible, including:
- A clear description of the issue.
- Steps to reproduce the vulnerability.
- The affected versions or components.
- Any potential impact or severity details.
Alternatively, you can send an email to [email protected] with the same details.
- Do not publicly disclose vulnerabilities until we have confirmed and fixed the issue.
- Include any proof-of-concept code, if possible, to help us verify the vulnerability more efficiently.
- If applicable, specify if the vulnerability is already being exploited.
- We commit to handling reports with diligence.
- We will investigate all reported vulnerabilities thoroughly and transparently.
- Once the vulnerability has been fixed, we will disclose the details publicly to ensure awareness and understanding.
While we do not currently offer a formal bug bounty program, we value your contribution and will recognize your efforts in our changelog or release notes (if you consent).
Thank you for helping us improve the security of our project!