
Security: avijit-jana/python-crm-product-management-system

SECURITY.md

Security Policy

We take security seriously and appreciate the efforts of the community in responsibly disclosing vulnerabilities. This document outlines our supported versions and how to report security issues.


✅ Supported Versions

Only the following versions of this repository currently receive security updates:

| Version | Supported |
| ------- | --------- |
| main    | ✅ Yes    |

All other branches or forks should be considered unsupported.


🚨 Reporting a Vulnerability

If you discover a security issue, please follow responsible disclosure practices:

  1. Do not open a public GitHub issue or discussion.

  2. Send a detailed report via LinkedIn:

    🔗 Avijit Jana

  3. Include the following information in your report:

    • Steps to reproduce the vulnerability
    • Affected endpoints, files, or components
    • Potential impact (data exposure, privilege escalation, etc.)
    • Any proof-of-concept code (if available)

We aim to acknowledge valid reports within 48 hours.


⏳ Disclosure & Fix Timeline

  • Verified vulnerabilities are typically addressed within 30 days.
  • Once fixed, a security advisory may be published.
  • Reporters will be credited unless anonymity is requested.

🛑 Scope

This security policy applies only to:

  • Code hosted in this repository
  • The default main branch

It does not cover:

  • Forks or downstream derivatives
  • Local deployments or misconfigurations
  • Third-party dependencies (please report those upstream)

🤝 Responsible Research

We encourage ethical security research. Activities such as denial-of-service attacks, social engineering, or data exfiltration are strictly prohibited.

If you're unsure whether your testing approach is acceptable, contact us before proceeding.

Thank you for helping keep this project and its users safe.
