We release patches for security vulnerabilities. Which versions are eligible to receive such patches depends on the vulnerability's severity.

| Version | Supported |
|---|---|
| v14.x | ✅ |
| < v14.x | ❌ |

If you discover a security vulnerability within this project, please take the following steps:
- Do not disclose it publicly until we have a chance to address it. Publicly disclosing a security vulnerability can put the entire user base at risk.
- Report it via Discord: Send a ticket to the Discord support server with a detailed description of the vulnerability. Include any steps needed to reproduce the issue, potential impacts, and any suggested fixes or mitigations.
- Wait for our response: We will acknowledge your ticket within 24 hours and will start investigating the issue. We will provide an initial response within 48 hours, including an estimated timeline for a fix.
- Coordinate disclosure: Once the issue is fixed, we will release a patch and publicly announce the vulnerability. We will coordinate with you on the timing of this announcement to ensure it aligns with best practices for responsible disclosure.
To ensure the security of our project, we follow these general practices:
- Regular updates: We keep our dependencies and libraries up to date with the latest security patches.
- Code reviews: All changes to the codebase are reviewed by at least one other contributor.
- Automated testing: We use automated tests to verify the functionality and security of the codebase.
We value the community's contributions to improving the security of our project. If you have any questions or suggestions regarding our security practices, feel free to reach out to us.
Thank you for helping to keep this project secure!