# Security Policy This document outlines security procedures and policies for maintaining the security of this project. ## Table of Contents - [Table of Contents](#table-of-contents) - [Reporting a Security Vulnerability](#reporting-a-security-vulnerability) - [Remediation Policy](#remediation-policy) - [Feedback and Improvements](#feedback-and-improvements) ## Reporting a Security Vulnerability The security of our project is of paramount importance. If you discover a security vulnerability, we appreciate your responsible disclosure. Here's how to proceed: 1. **Create an Issue**: Use the GitHub Issue system to report the security vulnerability. Public disclosure helps ensure transparency and allows more eyes on the code. 2. **Merge Request (Optional)**: If you're able and willing, you can submit a merge request with a proposed fix for the vulnerability. Your contribution will be valued and acknowledged. We aim to acknowledge your report within 7 days. You can expect a more detailed response during this time, outlining the next steps for handling the report. For vulnerabilities in third-party modules, please report them to the maintainers of the respective modules. ## Remediation Policy We follow a systematic approach to address security vulnerabilities: 1. **Confirmation and Assessment**: We validate and determine the affected versions and components. 2. **Code Audit**: We perform a thorough code audit to identify any similar vulnerabilities. 3. **Fix Preparation**: We prepare fixes for all active and maintained releases as swiftly as possible. ## Feedback and Improvements We value your input in making our security procedures even better. If you have suggestions for improving this process, please feel free to submit a pull request with your proposed changes. Thank you for your dedication to the security of our project. **Note**: The details of this policy may change over time, but the commitment to security will remain consistent.