If you believe you have found a security vulnerability in this project, please report it responsibly:
- Email us at voravit@flowaccount.com with a detailed description of the issue.
- Or contact us via our Discord security channel: https://discord.gg/channels/DevInfra
- Do not create public issues or discuss vulnerabilities publicly until we have addressed them.
- We aim to acknowledge your report within 5 business days and provide a resolution timeline.
We ask that you:
- Give us reasonable time to investigate and mitigate the vulnerability before any public disclosure.
- Avoid exploiting the vulnerability beyond what is necessary to demonstrate the issue.
- Do not access, modify, or delete data that does not belong to you.
We appreciate responsible disclosure and will credit researchers in our release notes if desired.
- Do not commit sensitive data (e.g., passwords, API keys) to the repository.
- Use secure coding practices and validate all inputs.
- Keep dependencies up to date and avoid using deprecated or unmaintained packages.
- Review code for potential security issues before submitting pull requests.
For all security-related issues, contact:
- Email: voravit@flowaccount.com
- Discord: https://discord.gg/channels/DevInfra