If you discover a security vulnerability, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Instead, email the maintainer directly or use GitHub's private vulnerability reporting.
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
You should receive a response within 48 hours. We will work with you to understand and address the issue before any public disclosure.
This policy applies to the Photobot codebase and its dependencies. If you find a vulnerability in a third-party dependency, please report it to that project as well.