docs/SECURITY.md

If you have discovered a security vulnerability in any of the SimonDarksideJ projects, please report the vulnerability privately toappfeedback@zenithmoon.com. We ask that you do this privately and allow us a chance to patch the vulnerability and push an update for existing users. After a security vulnerability is reported and verified, our policy is to perform the following:

1. Patch the release branch of the repository in question to eliminate the vulnerability
2. Issue a new security fix release of the current version
3. Issue a public statement through the following channels
   • If the project has a public website, a statement will be issued on the home page of the site for the project
   • If the project has a discord server, a statement will be issued on the discord server of the project.
   • A public statement will be issued on theSimonDarksideJ Twitter account.

Please report any security vulnerabilities privately toappfeedback@zenithmoon.com. Once reported, we will work with you on verifying the vulnerability.

When reporting a security vulnerability, please provide the following information. You can copy/paste the following as a template

1. The name of the project or GitHub repository that contains the security vulnerability.2. A description of the vulnerability3. Steps that can be used to recreate the vulnerability.4. Any additional information you may think is relevant (no matter how small).

There aren’t any published security advisories