If you discover a security vulnerability in clin, please report it responsibly:
- Do not open a public GitHub issue
- Email mdag.92988@protonmail.com with details
- Include steps to reproduce if possible
You should receive a response within 48 hours.
Security issues in the following areas are in scope:
- Encryption implementation (ChaCha20-Poly1305)
- Key derivation and storage
- Memory handling of sensitive data (zeroization)
- File permission issues
- Dependency vulnerabilities