Only the latest release on the default branch is supported with security updates.
If you believe you’ve found a security vulnerability, please report it privately:
- Email: security@donotghostme.com
Please include:
- A clear description of the issue and impact
- Steps to reproduce (proof-of-concept if possible)
- Affected endpoints/files and versions/commit
- Any logs or screenshots that help (avoid sharing sensitive data)
- Please do not open a public GitHub issue for security reports.
- I will acknowledge receipt as soon as possible and coordinate a fix/release.
- If the issue affects user privacy or data integrity, we’ll prioritize a patch and communicate responsibly.
Security reports include (non-exhaustive):
- Auth/session/CSRF issues
- Rate limiting bypasses / abuse vectors
- Data exposure / privacy regressions
- Injection (SQL/command), SSRF, XSS, etc.