We release patches for security vulnerabilities in the following versions:

The devdocx team takes security bugs seriously. We appreciate your efforts to responsibly disclose your findings.

If you discover a security vulnerability, please follow these steps:

1. DO NOT open a public GitHub issue
2. Email the maintainers directly (if email is provided) or
3. Open a private security advisory on GitHub:
   • Go to the Security tab
   • Click "Report a vulnerability"
   • Fill in the details

Please include the following information in your report:

• Description of the vulnerability
• Steps to reproduce the issue
• Potential impact
• Suggested fix (if you have one)
• Your contact information

• We will acknowledge receipt of your vulnerability report within 48 hours
• We will send a more detailed response within 5 business days
• We will work on a fix and keep you informed of our progress
• Once the vulnerability is fixed, we will publicly disclose it (with credit to you, if desired)

While using devdocx:

• Always use the latest version
• Be cautious when running code examples from documentation
• Report any suspicious content in documentation
• Verify package integrity when installing

We believe in responsible disclosure. We request that you:

• Give us reasonable time to fix the vulnerability before public disclosure
• Make a good faith effort to avoid privacy violations and data destruction

We thank all security researchers who help keep devdocx and our community safe. Contributors who report valid security issues will be:

• Publicly acknowledged (if they wish)
• Listed in our security hall of fame
• Given credit in the release notes

If you have suggestions on how this process could be improved, please submit a pull request or open an issue.

Thank you for helping keep devdocx and our users safe! 🛡️