Only the latest major release is actively maintained for security updates.

We take security very seriously. If you discover a vulnerability, please do not create a public issue. Instead, follow these steps:

1. Send a private email to: yourname@example.com
2. Include:
   • A description of the vulnerability
   • Steps to reproduce
   • Potential impact
   • Suggested fix (optional)

We will acknowledge your report within 48 hours and work to resolve it promptly.

To help keep your application safe, follow these guidelines:

• Always validate and sanitize user inputs.
• Never commit sensitive information (API keys, passwords, private keys) to the repository.
• Use HTTPS for all communications.
• Keep dependencies updated and monitor for known vulnerabilities.
• Limit permissions and access rights to only what is necessary.

• Acknowledgment: We will confirm receipt of your report within 48 hours.
• Assessment: Our team will assess the severity and impact of the vulnerability.
• Resolution: We will fix the issue and release a patched version as soon as possible.
• Credit: We may credit you in the release notes if you request it.

• OWASP Top Ten Security Risks
• GitHub Security Best Practices