Security: thomas-mauran/chess-tui

SECURITY.md

Security Policy for Chess-TUI

Thank you for using and contributing to Chess-TUI! Security is important to us. This document explains how you can report security vulnerabilities and what to expect after reporting.

Supported Versions

We provide security updates for the following versions of Chess-TUI:

Version Supported
Latest
Older stable

We recommend always running the latest release to ensure you have the most recent security fixes.

Reporting a Vulnerability

If you discover a security vulnerability in Chess-TUI, please do NOT open a public GitHub issue. Public issues may expose technical details before a fix is available.

How to Report

You can report security issues in one of the following ways:

  1. GitHub Security Advisory
    Use the “Security” → “Advisories” section of this repository to submit a private security report.

  2. Email
    Send a detailed report to:
    thomasmauran@yahoo.com

Please include in your report:

  • A clear description of the vulnerability
  • Steps to reproduce or a proof-of-concept
  • Affected version(s)
  • Any relevant logs or screenshots

Response Timeline

We aim to acknowledge all reports within 72 hours. After verification, we will:

  • Coordinate with the reporter on disclosure details
  • Prepare and release a fix
  • Update this policy if needed

We will work with you on disclosure timing so that fixes can be published before details are made public.

Responsible Disclosure

By reporting issues through the channels above, you agree to:

  • Not publicly disclose the vulnerability before a fix is published
  • Cooperate with maintainers to validate and patch the issue

After a Fix is Released

Once a security fix is ready:

  • We will publish release notes for the fixed version
  • We encourage users to update promptly
  • Credit for discoverers may be given, unless anonymity was requested

Additional Resources

For general guidance on creating repository security policies, see GitHub’s documentation on repository security policies and reporting vulnerabilities.
