diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..b6bcb1f --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,33 @@ +# Security Policy + + +## Reporting a Vulnerability + +We take the security of our project seriously. If you have discovered a security vulnerability, please follow these steps: + +1. **Do not** disclose the vulnerability publicly. +2. Send a detailed description of the vulnerability to [datahonor@gmail.com](mailto:datahonor@gmail.com). +3. Include steps to reproduce the issue, if possible. +4. Allow us some time to respond and address the issue before any public disclosure. + +We appreciate your effort to responsibly disclose your findings and will make every effort to acknowledge your contributions. + +## Security Update Process + +When we receive a security bug report, we will: + +1. Confirm the problem and determine the affected versions. +2. Audit code to find any potential similar problems. +3. Prepare fixes for all supported versions. +4. Release new security fix versions as soon as possible. + +## Best Practices + +To help ensure the security of this project: + +- Keep your local copy up-to-date with the latest security patches. +- Use strong and unique passwords for all accounts associated with the project. +- Enable two-factor authentication where available. +- Be cautious when using third-party dependencies and keep them updated. + +Thank you for helping keep our project and its users safe!