The security of the Shafeea project is our highest priority. We deeply appreciate the efforts of security researchers and the community to help us keep our project safe. 🫶

We are committed to providing security updates for the following versions. Please ensure you are using a supported version before reporting.

If you discover a security vulnerability, we would be incredibly grateful for your help in disclosing it to us responsibly.

🚨 IMPORTANT: DO NOT report security vulnerabilities through public GitHub issues. 🚨

Public disclosure of a vulnerability can put the entire community at risk. Please follow the private reporting process below.

To report a vulnerability, please send a detailed email to Emran Nasser at: amrannaser3@gmail.com

To help us resolve the issue as quickly as possible, please include the following in your report:

• 📝 A detailed description of the vulnerability and its potential impact.
• 🪜 Clear, step-by-step instructions to reproduce the vulnerability.
• 🧪 Any proof-of-concept (PoC) code, screenshots, or videos that demonstrate the issue.
• 🏷️ The version of the project you were using when you discovered the vulnerability.

After you submit your report, here is what you can expect from us:

1. Acknowledgement: You will receive an automated confirmation, followed by a personal acknowledgment of your report within 48 hours.
2. Updates: We will provide regular updates on our progress as we investigate and work on a fix.
3. Resolution: Once the vulnerability is patched, we will notify you. We are happy to coordinate a public announcement and credit you for your discovery.

• Q: Can I get credit for reporting a vulnerability?
  • A: Absolutely! We love to recognize and thank our security contributors (unless you prefer to remain anonymous).
• Q: What if I have a question about security but it's not a vulnerability?
  • A: Please reach out via email or open a private discussion.

Thank you for helping keep Shafeea and its users safe. We truly appreciate your contribution! 🙏