From a184b62b022c5ff8acfae486a9e206b3485067cc Mon Sep 17 00:00:00 2001 From: optimidev Date: Sun, 12 Oct 2025 14:50:24 +0200 Subject: [PATCH] =?UTF-8?q?SECURITY.md=20hinzugef=C3=BCgt?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- SECURITY.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..f4c4f78 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,28 @@ +# Security Policy + +## Supported Versions +We actively support the latest version of the bot and provide security fixes for the previous stable release. + +## Reporting a Vulnerability +If you discover a security vulnerability in the bot, please report it responsibly. We ask that you **do not publicly disclose** the issue until it has been resolved. + +### How to Report +Send a detailed report to **[alexalexandramueller@gmx.de]** including: +- Steps to reproduce the issue +- Expected vs. actual behavior +- Any relevant logs or screenshots + +We will respond within **48 hours**. + +## Security Updates +Security updates will be published as new releases. Always ensure you are using the latest version to stay protected. + +## Security Best Practices for Bot Users +- **Never share your bot token publicly.** If it is compromised, regenerate it immediately. +- **Limit permissions** of the bot to only what is necessary. +- **Regularly update dependencies** to patch known vulnerabilities. +- Monitor your bot's environment for suspicious activity. + +## Acknowledgments +We appreciate all security researchers who help keep this bot safe. You will be credited (unless you request anonymity) in the release notes of the security update. +