| Version | Supported |
|---|---|
| 1.x | ✅ Yes |
| < 1.0 | ❌ No |
If you discover a security vulnerability in GSearch, please do not open a public GitHub issue.
Instead, report it privately:
- Go to the Security Advisories page
- Click "New draft security advisory"
- Describe the vulnerability clearly
Or email directly: reach out via GitHub profile @swagat27
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: Within 48 hours
- Assessment: Within 7 days
- Fix & Disclosure: Coordinated with the reporter
GSearch is a fully client-side, static web app. It makes no server-side requests and stores no user data.
Potential security concerns include:
- XSS via unsanitized search results from scraped sources
- Third-party API key exposure (currently none are used)
- Open redirect vulnerabilities in fallback search URLs
Thank you for helping keep GSearch safe!