# Security Policy ## Reporting a Vulnerability If you discover a security vulnerability in the Tomato Timer CLI project, please report it to our security team at . We take security issues seriously and appreciate your efforts in responsibly disclosing any vulnerabilities. ## Supported Versions The following versions of Tomato Timer CLI are currently supported with security updates: - Version 1.0.0 and above ## Vulnerability Disclosure Process Once a vulnerability is reported, our security team will investigate and assess the impact. We will work diligently to address the issue and develop a fix. If the vulnerability is confirmed, we will follow these steps: 1. Develop a patch or fix for the vulnerability. 2. Test the patch thoroughly to ensure it resolves the issue. 3. Release the patch as a new version of Tomato Timer CLI. 4. Notify users about the vulnerability and provide instructions on how to update to the latest secure version. ## Bug Bounty Program We currently do not have a bug bounty program in place for the Tomato Timer CLI project. However, we appreciate and value any security-related contributions from the community. If you discover a vulnerability, please follow the reporting process mentioned above. ## Responsible Disclosure We kindly request that you refrain from publicly disclosing any vulnerabilities until we have had sufficient time to address them. We strive to provide timely updates and fixes to ensure the security of our users. ## Contact If you have any questions or concerns regarding the security of Tomato Timer CLI, please contact our security team at .