# Security Policy

## Supported Versions

Use the latest version of Keyweave for the latest security updates.

## Reporting Vulnerabilities

To report a security issue, please email [bart@vanderbraak.nl](mailto:bart@vanderbraak.nl) with a detailed description and steps to reproduce. Do not file a public issue for security vulnerabilities.

### Response Timeline

We aim to respond to security reports within 48 hours, and to patch the issue within a reasonable timeframe depending on the severity.

### Responsible Disclosure

Please allow us a reasonable timeframe to address the issue before publicly disclosing it.

### Acknowledgements

We appreciate the responsible disclosure of issues by our users and will acknowledge contributors in our release notes.

## Security Best Practices

- Ensure you are running the latest version of Keyweave.
- Follow secure password and authentication practices.

## Contact Alternatives

If you are unable to send an email, please open an issue on GitHub without disclosing details such that we can establish a alternative form of communication.