The Bytey project currently supports the latest release. Security updates will be applied to the main branch and included in subsequent releases.

We take the security of the Bytey project seriously. If you discover a security vulnerability, please report it responsibly by following these steps:

1. Do Not Disclose Publicly: Avoid disclosing the issue in public forums, such as GitHub issues, until it has been addressed.
2. Contact the Maintainer: Send a detailed report to the project maintainer at @VoxDroid via GitHub or through other private communication channels (e.g., email, if provided).
3. Provide Details:
   • Describe the vulnerability and its potential impact.
   • Include steps to reproduce the issue, if possible.
   • Specify the affected version or commit.
4. Expect a Response: The maintainer will acknowledge your report within 48 hours and work with you to assess and address the issue.

• Once a vulnerability is confirmed, the maintainers will prioritize and develop a fix.
• A patch will be applied to the main branch and included in the next release.
• You will be notified when the issue is resolved and credited (if desired) in the release notes or documentation, unless you prefer to remain anonymous.

To enhance the security of your local setup:

• Keep dependencies up to date by running npm update or yarn upgrade.
• Use the latest version of Node.js (v18.0 or higher).
• Avoid exposing sensitive information in configuration files or public repositories.

Thank you for helping keep Bytey secure!