Security: mariokreitz/pokedex-v2

SECURITY.md

Security Policy

At Pokedex-v2, we take the security of our project seriously. If you discover a security vulnerability, we appreciate your help in reporting it in a responsible manner.

Reporting Security Vulnerabilities

  1. Do Not Use Public Channels: Please do not report security vulnerabilities publicly, such as in issues or comments on GitHub. This helps prevent potential exploits and keeps our project secure.

  2. Contact Us Directly: Report security vulnerabilities directly to us via email at contact@mario-kreitz.dev. This allows us to address the issue privately and effectively.

  3. Provide Detailed Information: When reporting a vulnerability, include as much detail as possible:

    • Description: Provide a clear description of the vulnerability.
    • Reproduction Steps: Include detailed steps to reproduce the issue.
    • Impact Assessment: Explain the potential impact of the vulnerability.
    • Suggested Mitigation: If possible, offer suggestions for mitigating the issue.

  4. Confidentiality: We will treat your report with confidentiality and aim to respond as quickly as possible. Our goal is to work with you to understand and address the issue effectively.

Security Updates

  1. Patch Releases: We will address security vulnerabilities promptly and include fixes in patch releases as necessary.

  2. Disclosure Timeline: Once a fix is available, we will coordinate with the reporter to responsibly disclose the vulnerability. We will also update relevant documentation and this security policy.

Best Practices for Security

To help maintain the security of Pokedex-v2, consider the following practices:

  • Keep Dependencies Updated: Regularly update all dependencies to mitigate known vulnerabilities.
  • Review Code: Conduct thorough code reviews to identify and address potential security issues.
  • Follow Security Guidelines: Adhere to best security practices in both development and deployment processes.

Security Resources

For more information on security best practices, you might find these resources useful:

Acknowledgments

Thank you to the security community for helping us keep Pokedex-v2 secure. We value your contributions and efforts in improving the safety of our project.

There aren’t any published security advisories