This project is currently in early development. Security updates are provided for the following versions:

| Version | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1 | ❌ |

Note: As this project is in early development (pre-1.0), breaking changes may occur between versions. We recommend staying updated with the latest release.

We take security vulnerabilities seriously. If you discover a security vulnerability in this project, please report it responsibly:
- Email: Send details to the project maintainer(s) via private email (check the repository for contact information)
- GitHub Security Advisory: Use GitHub's private vulnerability reporting feature if available
- Issues: For non-sensitive security concerns, you may open a public issue

Please include the following information in your report:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact assessment
- Suggested fix (if you have one)

- Acknowledgment: We aim to acknowledge receipt within 48 hours
- Initial Assessment: We will provide an initial assessment within 7 days
- Updates: We will provide regular updates on our progress
- Resolution: We aim to resolve critical vulnerabilities within 30 days

- We request that you do not publicly disclose the vulnerability until we have had a chance to address it
- Once a fix is released, we will work with you on coordinated disclosure
- We appreciate your responsible disclosure and will acknowledge your contribution (unless you prefer to remain anonymous)

When using this API:
- Always use HTTPS in production
- Implement proper authentication and authorization
- Validate all inputs
- Keep dependencies updated
- Follow the principle of least privilege
- Regularly review and audit your deployment configuration