If you discover a security vulnerability within any of my projects, please send an email to [email protected]. Security issues should not be reported through public GitHub issues.

When reporting security issues, please include:

• Project name and version where you found the vulnerability
• Detailed description of the vulnerability
• Step-by-step instructions to reproduce the issue
• Impact of the vulnerability
• Any potential solutions you may have identified

I will follow these steps when handling security reports:

1. Confirmation - You will receive confirmation of your report within 48 hours.
2. Investigation - I will investigate the issue and determine its impact.
3. Updates - I will keep you informed of the progress and any issues.
4. Fix - Once a fix is prepared, I will notify you for review.
5. Public disclosure - The disclosure timeline will be coordinated with you.

This security policy applies to all repositories owned by @jsparkdev.

For each project, security updates will typically be released for:

• The most recent major version
• The previous major version for 6 months after a new major release

To help ensure security:

• Keep dependencies up to date
• Use the latest stable version of my projects
• Enable two-factor authentication on your GitHub account
• Check security advisories before implementing new features

Information about security fixes will be released through:

• GitHub Security Advisories
• Release notes of new versions

Thank you for helping to keep my projects secure.