Security Policy

Security Policy

Reporting a Vulnerability

Jawafdehi.org takes security seriously. If you discover a security vulnerability in any Jawafdehi project, please report it responsibly.

Do not open a public issue. Instead, please email:

security@jawafdehi.org

We will acknowledge your report within 72 hours and provide an estimated timeline for a fix.

Scope

This policy covers all repositories under the Jawafdehi GitHub organization.

Disclosure

We follow coordinated disclosure. Once a fix is available, we will publish a security advisory and credit the reporter (unless anonymity is requested).

Supported Versions

Only the latest release or the main branch is actively supported with security patches.