Add a security policy

[JamieSlome]

Hey there!

I belong to an open source security research community, and a member (@Shivansh-Khari) has found an issue, but doesn’t know the best way to disclose it.

If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)

[JamieSlome]

@DominikSerafin - is this repository still being actively maintained?

I will drop the report here for reference in any case:
https://www.huntr.dev/bounties/a5587175-105f-409d-aadf-43b1ed6dc20e/

It is private and only accessible to maintainers with repository write permissions! 👍

[soulteary]

Thanks for the feedback, we have created SECURITY.md, and any risk and security issues with the project are currently acceptable for feedback and disclosure in ISSUE.

Thanks again for your feedback. @JamieSlome

[JamieSlome]

@soulteary - thanks for your response! ⚡

You can actually view the report directly here:
https://huntr.dev/bounties/a5587175-105f-409d-aadf-43b1ed6dc20e/

It is private and only accessible to maintainers with repository write permissions 👍 Let me know if you have any questions.