| Version | Supported |
|---|---|
| Latest | ✅ |
If you discover a security vulnerability in this project, please report it responsibly.
Do NOT open a public GitHub issue for security vulnerabilities.
- Go to the Security Advisories page
- Click "New draft security advisory"
- Fill in the details of the vulnerability
Alternatively, you can email the maintainer directly via the contact information on their GitHub profile.
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: Within 72 hours
- Initial assessment: Within 1 week
- Fix timeline: Depends on severity, typically within 30 days for critical issues
This policy covers:
- The web application code in this repository
- CI/CD pipeline configurations
- Dependencies used by the project
Out of scope:
- The deployed Cloudflare Pages infrastructure itself
- Third-party services (YouTube, Wistia, Formspree)