diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..3362e98 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,41 @@ +# Security Policy + +## Supported Versions + +The following table outlines the versions of this project that are currently supported with security updates: + +| Version | Supported | +| ------- | ------------------ | +| 1.0.x | ✅ Yes | + +Only actively maintained versions will receive patches for security vulnerabilities. If you’re using an unsupported version, we strongly recommend upgrading to a supported release. + +--- + +## Reporting a Vulnerability + +If you discover a security vulnerability in this project, please follow the process below: + +### How to Report + +Please send all vulnerability reports to **[akadeb97@gmail.com]** or open a private issue if supported. + +Include: +- A clear description of the vulnerability +- Steps to reproduce the issue +- Your assessment of the severity +- Any relevant logs or environment details + +### Response Timeline + +- We aim to acknowledge your report **within 2 business days**. +- You’ll receive updates as we triage the issue, typically **every 3–5 days**. +- Valid reports will receive a fix or mitigation plan within **14 days**, depending on complexity. + +### Coordinated Disclosure + +We ask that you give us the opportunity to address the vulnerability before disclosing it publicly. We’re committed to working with you to ensure a coordinated and responsible resolution. + +--- + +Thank you for helping us keep the project safe!