If you discover a security vulnerability in GoNow, please do not open a public GitHub issue.
Instead, report it privately:
- Open a GitHub Security Advisory in this repo
- Or contact via the email on the author's profile
Please include:
- A clear description of the vulnerability
- Steps to reproduce
- Potential impact
You can expect an acknowledgement within 48 hours.
This policy covers the source code in this repository. It does not cover any live deployments or third-party services (Firebase, Google Maps, etc.) — report those directly to the respective vendors.