If you discover a security vulnerability in MediaRoulette, please report it responsibly.

Do NOT open a public GitHub issue for security vulnerabilities.

1. GitHub Private Vulnerability Reporting (recommended)
   Use the "Report a vulnerability" button in the Security tab

2. Email
   Send details to: dev_security@keltech.services

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Any suggested fixes (optional)

• Acknowledgment within 48 hours
• Status updates as we investigate
• Credit in the release notes (unless you prefer anonymity)

• Always set a strong, unique SECRET_KEY environment variable
• Use HTTPS when exposing MediaRoulette outside your local network
• Keep your Docker images updated to the latest version