Security: siguici/Aphp

Security Policy for Sigui Kessé Emmanuel's Projects

Thank you for helping keep my projects and the community secure!
This document outlines how to report security vulnerabilities in my repositories.


Supported Versions

I actively support the latest versions of my projects. Security updates will generally be provided for:

  • The main branch of each repository.
  • The latest stable release of the project (if applicable).

If you are running an older or unsupported version, you’re encouraged to upgrade to the latest release so that you receive security fixes.


📢 Reporting a Vulnerability

If you discover a security vulnerability in one of my projects, please follow these steps:

  1. Do not open a public issue.
    To protect users, avoid discussing vulnerabilities in public forums or GitHub Issues.

  2. Contact Me Directly:

    • Email: [email protected]
      Use the subject line: [SECURITY] Vulnerability Report for [Project Name]

  3. Include the Following Details in Your Report:

    • A clear description of the vulnerability.
    • Steps to reproduce the issue, if applicable.
    • Potential impact or risks associated with the vulnerability.
    • (Optional) Suggested solutions or mitigations.

  4. Encrypt Your Report (Optional):
    If your report contains sensitive information, you can encrypt it using my PGP Public Key:


🛠️ What Happens Next?

  1. You will receive a confirmation that I’ve received your report within 48 hours.
  2. I will investigate the issue and determine its impact.
  3. If the vulnerability is valid, I’ll work on a fix and coordinate a release timeline.
    • You may be contacted for additional details or to confirm the fix.

📣 Public Disclosure Policy

  • Security vulnerabilities will not be disclosed publicly until a fix is available.
  • If a vulnerability is particularly critical, I may release a temporary mitigation before a full fix is implemented.

Contributors who report valid vulnerabilities may be acknowledged in the release notes, unless they prefer to remain anonymous.


🔒 Best Practices for Users

To stay secure while using my projects, always:

  • Keep your software updated to the latest version.
  • Review security guidelines in the project’s documentation.
  • Report suspicious behavior or issues as soon as possible.

Thank you for helping to keep my projects secure! 😊
Together, we can build a safer and more robust open-source ecosystem. 🙌
