
Security: rogers-cyber/python-tiny-tools

SECURITY.md

Security Policy

Supported Versions

This section lists which versions of this project currently receive security updates.

Version Supported
5.1.x
5.0.x
4.0.x
< 4.0

Reporting a Vulnerability

If you discover a security vulnerability, please report it responsibly. We take security seriously and aim to respond promptly.

How to Report

  1. Preferred: Use GitHub’s private vulnerability reporting (security advisories).

    • Go to the Security tab → Report a vulnerability.
    • Include:
      • Description of the vulnerability
      • Affected version(s) (see Supported Versions above)
      • Steps to reproduce (if applicable)
      • Potential impact
  2. Alternative: Email directly to: rogermodu@gmail.com

    • Subject: [Security] <brief description>
    • Include the same details, and attach a proof-of-concept or reproduction steps if possible

Do not create a public GitHub issue for security vulnerabilities. This helps prevent exposing sensitive information before a fix is released.


Response Timeline

  • Acknowledgment: Within 48 hours of reporting
  • Investigation & Updates: A status update within 1 week
  • Fix Release: As soon as possible, depending on severity

Severity Classification

  • Critical: Exploitable vulnerability causing data loss, remote code execution, or system compromise
  • High: Vulnerability that can cause significant impact but requires user action
  • Medium: Vulnerability with moderate impact
  • Low: Minor issues or informational findings

We prioritize fixes based on severity.


Security Practices

  • Keep dependencies updated (Dependabot recommended)
  • Use automated code scanning tools (e.g., GitHub CodeQL)
  • Secret scanning is enabled to catch credentials that are accidentally committed to the repository
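The first two practices above are configured through files checked into the repository. The following is an added example written for this page, not configuration taken from python-tiny-tools: a Dependabot manifest that watches both the Python dependencies and the GitHub Actions used by the workflows, and a minimal CodeQL workflow for Python. It assumes the default branch is named main and that the requirements files live at the repository root; adjust both if the project differs.

```yaml
# .github/dependabot.yml (added example, not a file from python-tiny-tools)
# Dependabot opens a pull request when a pinned Python dependency, or an
# Action referenced in the workflows, has a newer release (security fixes included).
version: 2
updates:
  - package-ecosystem: "pip"        # assumes requirements files are at the repo root
    directory: "/"
    schedule:
      interval: "weekly"
    open-pull-requests-limit: 5     # keeps a noisy week from flooding the PR queue
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
---
# .github/workflows/codeql.yml (added example, not a file from python-tiny-tools)
name: CodeQL
on:
  push:
    branches: ["main"]              # assumes the default branch is called main
  pull_request:
    branches: ["main"]
  schedule:
    - cron: "0 6 * * 1"             # weekly re-scan so newly added queries run over old code
permissions:
  actions: read
  contents: read                    # least privilege: the job only needs to read the tree
  security-events: write            # and to upload its findings to the Security tab
jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: python
      - uses: github/codeql-action/analyze@v3
```

The workflow grants only the two permissions CodeQL needs rather than the default write-all token. For tighter supply-chain control, replace the `@v4` / `@v3` tags with the full commit SHA of the release you audited; Dependabot's github-actions ecosystem will then keep those pins current.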

Thank You to Reporters

We sincerely appreciate anyone who responsibly reports a security issue. Your contribution helps keep this project safe, reliable, and useful for everyone.


Disclaimer

These tools are provided as-is for learning and productivity. Users should review code before using it in production. Security reports help improve safety, but users are responsible for their own implementations.

There aren’t any published security advisories