If you discover a vulnerability in this project, we appreciate your responsible disclosure. Please follow these steps to report it:
-
Do not disclose the vulnerability publicly until it has been addressed.
-
Email us directly at [email protected] with a detailed description of the vulnerability, including any relevant information such as:
- Steps to reproduce
- Affected versions
- Potential impact
-
We will acknowledge your report within 48 hours and work with you to address the issue as quickly as possible.
We will support the following versions of the project for security updates:
- Latest stable release
- Previous stable release
For any major vulnerabilities discovered in unsupported versions, we may choose to issue a patch or workaround at our discretion.
We will provide security updates in a timely manner. All security fixes will be published in a new release, along with detailed information regarding the nature of the vulnerability and its mitigation.
We encourage contributors and users to follow best security practices, including but not limited to:
- Keeping your dependencies up to date.
- Regularly checking for vulnerabilities in your dependencies.
- Using strong, unique passwords for accounts and services.
Thank you for helping us keep Pockaw secure!