Skip to content

Security: necdetsanli/do-not-ghost-me

SECURITY.md

Security Policy

Supported Versions

Only the latest release on the default branch is supported with security updates.

Reporting a Vulnerability

If you believe you’ve found a security vulnerability, please report it privately:

Please include:

  • A clear description of the issue and impact
  • Steps to reproduce (proof-of-concept if possible)
  • Affected endpoints/files and versions/commit
  • Any logs or screenshots that help (avoid sharing sensitive data)

Disclosure

  • Please do not open a public GitHub issue for security reports.
  • I will acknowledge receipt as soon as possible and coordinate a fix/release.
  • If the issue affects user privacy or data integrity, we’ll prioritize a patch and communicate responsibly.

Scope

Security reports include (non-exhaustive):

  • Auth/session/CSRF issues
  • Rate limiting bypasses / abuse vectors
  • Data exposure / privacy regressions
  • Injection (SQL/command), SSRF, XSS, etc.

There aren't any published security advisories