To report a security vulnerability, please send an email to amerfathullah@gmail.com. I will review and respond to your report as soon as possible. If the issue is confirmed, I will take appropriate actions to mitigate the vulnerability and release a fix.

This project supports the latest version of the codebase on the main branch. Older versions may not receive security updates unless deemed necessary.

I encourage responsible disclosure of security vulnerabilities. If you discover a vulnerability, please follow these guidelines:

• Do not exploit the vulnerability or share details of it publicly before it has been resolved.
• Provide us with a reasonable amount of time to address the issue before disclosing it publicly.

• Regularly update dependencies to their latest versions to avoid vulnerabilities in outdated packages.
• Use npm audit or yarn audit to check for known security vulnerabilities in dependencies.

• Sanitize Inputs: Always sanitize and validate inputs to prevent injection attacks.
• Use Secure Libraries: Use well-known and secure libraries for critical functionality.
• Avoid Direct DOM Manipulation: Prefer using React state and props to manipulate the DOM, reducing the risk of XSS attacks.

• Use industry-standard practices for authentication (e.g., JWT, OAuth) and secure storage mechanisms for tokens.
• Implement authorization checks on the server side to ensure users can only access authorized resources.

• Ensure your server is configured to use HTTPS to encrypt data in transit, preventing interception attacks.

• Implement proper error handling to avoid leaking sensitive information.
• Provide informative error messages without revealing system details to users.

• Monitor and log security-related events to detect and respond to potential security incidents.

If you have any questions or concerns regarding the security of this project, please contact amerfathullah@gmail.com.

I appreciate the efforts of security researchers and developers who help us improve the security of my project. Your contributions and responsible disclosures are invaluable to us.