Security: RamonRiosJr/humanos.foundation

SECURITY.md

Security Policy

Supported Versions

Use this section to tell people about which versions of your project are currently being supported with security updates.

Version Supported
v5.0.x
v4.0.x

Reporting a Vulnerability

Please do NOT open a public GitHub Issue to report security vulnerabilities.

If you discover a security vulnerability, we'd like to know about it so we can take steps to address it as quickly as possible. Please follow these steps to report a vulnerability:

  1. Email: Send an email to hello@humanos.foundation or use the preferred secure contact method for your organization.
  2. Details: Include the following information in your report:
    • A detailed description of the vulnerability.
    • The steps required to reproduce the vulnerability.
    • The versions of the framework/service affected.
    • Any potential impact or risk associated with the vulnerability.
    • Any suggested mitigations or fixes.

Review and Remediation

Upon receiving a vulnerability report, our security team will:

  1. Acknowledge receipt of your report within 48 hours.
  2. Investigate the issue to confirm the vulnerability and determine its severity.
  3. Work with you to understand the vulnerability fully and formulate a remediation plan.
  4. Keep you updated on our progress as we work to resolve the issue.

We ask that you maintain confidentiality until we have had an opportunity to address the vulnerability and release a fix or mitigation.

Public Disclosure

Once a vulnerability has been addressed, we will coordinate public disclosure with you. We value the contributions of security researchers and will provide appropriate credit (if desired) for responsibly disclosed vulnerabilities.
