Security: chatsapi/ChatsAPI

SECURITY.md

Security Policy

Supported Versions

We aim to support the latest version of the ChatsAPI library and address any critical vulnerabilities or bugs. Below is the list of supported versions:

Version | Supported
>=0.1.x | ✅ Fully Supported

Reporting a Vulnerability

We take security seriously and appreciate your efforts to responsibly disclose vulnerabilities. To report a security issue, follow these steps:

  1. Do not create a public issue in the repository or disclose details in public forums.
  2. Email us directly at [email protected] with the following details:
    • A concise description of the vulnerability.
    • Steps to reproduce the issue.
    • Potential impact or risk assessment.
    • Any suggestions for fixing the issue, if available.
  3. We will acknowledge your report within 48 hours and provide an expected timeline for a resolution.
  4. Once the vulnerability is resolved, we will:
    • Notify you of the fix.
    • Attribute you in the release notes (if you choose to be credited).

Security Best Practices

To ensure secure usage of the ChatsAPI framework:

  1. Keep dependencies up to date: Regularly update the library and its dependencies to mitigate risks from outdated packages.
  2. Protect your API keys: When using LLM integrations like OpenAI or Gemini, securely store API keys and avoid hardcoding them in your codebase.
  3. Sandbox testing: Always test the library in a controlled, sandboxed environment before deploying it to production.
  4. Input sanitization: Ensure user inputs are properly validated and sanitized to prevent potential injection attacks.

Code of Conduct

By reporting security issues, you agree to act in a responsible manner and avoid:

  • Exploiting vulnerabilities for malicious purposes.
  • Publicly disclosing security issues without prior notice.

We value your contributions and are committed to working with you to keep our project secure.


Credits

We are grateful to the open-source community and security researchers for helping us identify and resolve potential vulnerabilities.
