Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Please do not open public issues for security vulnerabilities.

Report privately via:

Email: security@mazuryk.dev

Include:

Affected component/path
Reproduction steps
Potential impact
Suggested mitigation (if known)

Response Targets

Initial acknowledgment: within 3 business days
Triage decision: within 7 business days
Fix timeline: depends on severity and complexity

Scope

This policy applies to all code in this repository, including frontend, backend, and CI configuration.

There aren’t any published security advisories