We take the security of Nostria seriously. If you discover a security vulnerability, please follow the appropriate reporting method based on the severity and nature of the issue.

For vulnerabilities that do not compromise user privacy, security, or data integrity, you may:

• Report them as a GitHub issue in this repository
• Provide clear steps to reproduce the issue
• Include any relevant technical details

For vulnerabilities that do compromise user privacy, security, or could lead to data breaches, please practice responsible disclosure:

1. Do NOT create a public GitHub issue
2. Send a detailed report to: nostriaapp@gmail.com
3. Include the following information:
   • Description of the vulnerability
   • Steps to reproduce
   • Potential impact assessment
   • Any suggested mitigation steps

• We aim to acknowledge security reports within 48 hours
• Initial assessment and response within 7 days
• Regular updates on remediation progress

This security policy covers:

• The Nostria application codebase
• Associated infrastructure and deployment configurations
• Third-party dependencies and integrations

Thank you for helping keep Nostria and our users safe.