Skip to content

Security: stanhatk/blind-typing-tutor

Security

.github/SECURITY.md

Security Policy

πŸ”’ Supported Versions

We actively support security updates for the following versions:

Version Supported
1.0.x βœ…
< 1.0 ❌

🚨 Reporting a Vulnerability

If you discover a security vulnerability, please do not open a public issue. Instead, please report it privately.

How to Report

  1. Email: Send details to [[email protected]] (replace with actual email)
  2. GitHub Security Advisory: Use GitHub's private vulnerability reporting feature if available

What to Include

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if any)

Response Time

  • We will acknowledge receipt within 48 hours
  • We will provide an initial assessment within 7 days
  • We will keep you informed of our progress

Disclosure Policy

  • We will coordinate disclosure with you
  • We will credit you for the discovery (if desired)
  • We will not disclose your identity without permission

πŸ›‘οΈ Security Best Practices

When using this application:

  • Keep your browser updated
  • Use HTTPS when accessing the application
  • Be cautious with custom text input
  • Review localStorage usage if concerned about privacy

πŸ” Known Security Considerations

  • The application uses localStorage for user preferences (no sensitive data)
  • No user authentication or data collection
  • All processing happens client-side
  • No external API calls or data transmission

πŸ“ Security Updates

Security updates will be:

  • Released as patch versions (e.g., 1.0.1, 1.0.2)
  • Documented in CHANGELOG.md
  • Tagged with security labels in releases

Thank you for helping keep Blind Typing Tutor secure!

There aren't any published security advisories