If you discover a security vulnerability, please report it by opening an issue. To help us better understand and address the issue, please follow the template provided when creating a new issue.

1. Open a new issue: Clearly describe the vulnerability, providing as much detail as possible.
2. Assessment: Our team will assess the reported vulnerability and respond when available.
3. Fix and Release: If the vulnerability is accepted, we will work on fixing it and release a patch within a reasonable timeframe.

• We will strive to keep you informed about the progress of your reported vulnerability.
• If the vulnerability is accepted, it will be prioritized based on severity.
• If the vulnerability is declined, we will provide a reason for the decision.
• We encourage responsible disclosure, and we appreciate your efforts in keeping our project secure.

We follow Semantic Versioning for our releases. Security updates will be applied to the latest minor version of the current major version.

• Major Version: Significant changes, possibly breaking backward compatibility.
• Minor Version: New features, enhancements, and backward-compatible bug fixes.
• Patch Version: Backward-compatible bug fixes only.

For any questions or additional information regarding security, please contact miruro@proton.me