SmartWatt is maintained on the main branch in this repository.

If you discover a security issue, do not open a public issue with exploit details.

Please report privately to the maintainers with:

• A clear description of the issue.
• Reproduction steps.
• Impact assessment.
• Suggested mitigation, if known.

• Never commit .env or .env.local files.
• Keep production credentials out of source control.
• Rotate credentials immediately if accidental exposure is detected.

• Maintainers will acknowledge a report as quickly as possible.
• Confirmed issues will be fixed and documented.
• Public disclosure should happen only after a patch is available.