Skip to content

Security: julianromli/duitr

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Please do not disclose security vulnerabilities in public issues.

If GitHub Security Advisories are enabled for this repository, use private vulnerability reporting there. Otherwise, contact the maintainers through GitHub and share the minimum information needed to reproduce the issue safely.

Include the following when possible:

  • Affected area or file
  • Impact summary
  • Reproduction steps
  • Suggested mitigation, if known

Scope

Relevant security areas include:

  • Authentication and authorization
  • Supabase policies and exposed data access
  • Input validation and XSS risks
  • Dependency vulnerabilities
  • Secrets handling and environment configuration

Response Expectations

The maintainers will aim to:

  • Acknowledge receipt of a report
  • Validate the issue
  • Prepare and release a fix when needed
  • Credit the reporter when appropriate

There aren't any published security advisories