We take the security of our project seriously. If you discover any security vulnerabilities or potential issues, please follow these guidelines:
- Do not disclose the issue publicly until it has been addressed by the maintainers.
- Do not exploit the issue or perform any harmful actions on the project.
- Report the security issue immediately to our security team or project maintainers via email or private message.
- Provide detailed information about the vulnerability, including steps to reproduce, potential impact, and any relevant technical details.
- We will work with you to investigate and address the issue promptly.
We are committed to addressing security vulnerabilities in a timely manner. Once a security issue is reported and verified, we will follow these steps:
- Our security team will assess the impact and severity of the vulnerability.
- We will develop and test necessary patches or updates to address the issue.
- A security release will be prepared, including the necessary fixes.
- Users will be notified about the security update, emphasizing the importance of applying the patch.
We greatly appreciate responsible disclosure of security vulnerabilities. We request that you:
- Allow us a reasonable amount of time to address and release a fix for the vulnerability before disclosing it publicly.
- Maintain confidentiality and do not share the details of the vulnerability with others, except the project maintainers and security team involved in the resolution process.
- We will acknowledge your responsible disclosure and credit you, if desired, once the vulnerability has been fixed and the update has been released.
By following these guidelines, you help ensure the security and integrity of our project. We appreciate your assistance in making our software more secure.
Note: This security policy is a summary. For a more detailed version, please refer to the full security policy document.