29 lines
1.2 KiB
Markdown
29 lines
1.2 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
We actively support the latest version of the bot and provide security fixes for the previous stable release.
|
|
|
|
## Reporting a Vulnerability
|
|
If you discover a security vulnerability in the bot, please report it responsibly. We ask that you **do not publicly disclose** the issue until it has been resolved.
|
|
|
|
### How to Report
|
|
Send a detailed report to **[alexalexandramueller@gmx.de]** including:
|
|
- Steps to reproduce the issue
|
|
- Expected vs. actual behavior
|
|
- Any relevant logs or screenshots
|
|
|
|
We will respond within **48 hours**.
|
|
|
|
## Security Updates
|
|
Security updates will be published as new releases. Always ensure you are using the latest version to stay protected.
|
|
|
|
## Security Best Practices for Bot Users
|
|
- **Never share your bot token publicly.** If it is compromised, regenerate it immediately.
|
|
- **Limit permissions** of the bot to only what is necessary.
|
|
- **Regularly update dependencies** to patch known vulnerabilities.
|
|
- Monitor your bot's environment for suspicious activity.
|
|
|
|
## Acknowledgments
|
|
We appreciate all security researchers who help keep this bot safe. You will be credited (unless you request anonymity) in the release notes of the security update.
|
|
|