Since Gyromina is a publicly-accessible Discord bot, I take its issues (especially those involving security) very seriously. All it would take is one error or breach for Gyromina to come crashing down, so I strive to make each new release error-free and safe from exploitation.
Security patches will be distributed to the current stable minor version (x.minor.x) of Gyromina through a security patch and integrated into all active indev versions (x.x.x-alpha/beta/pre.x) of Gyromina.
Older versions will be left "as-is" for simplicity's sake, since differences between older and newer verisons of Gyromina's code may result in patch incompatibility. Additionally, I am a lone developer and I believe my time is better spent on tasks other than updating outdated versions of Gyromina.
If you find a security vulnerability, please email me at security@l375.ca, explaining the vulnerability in-depth (similar to how you would in a bug report, see the template here). Be sure to include "Gyromina Security" in the email's subject line so that I don't accidentally misplace the email and can get to work on a patch ASAP. Security vulnerabilities are serious matters, so I want to resolve them as quickly as possible.
While preparing a patch, I may request more information about certain vulnerabilities. Please try to answer these requests as quickly as possible and to the best of your ability.