Thank you for helping keep Hyper Learning Tech secure.
We take security seriously and appreciate responsible disclosure of security vulnerabilities.
Security updates are provided for the latest production version of the project.
| Version | Supported |
|---|---|
| Latest Main Branch | ✅ Yes |
| Older Releases | ❌ No |
Please do not report security vulnerabilities through public GitHub Issues or Pull Requests.
Instead, report them privately.
Security Contact
Email:
Subject:
[SECURITY] Vulnerability Report
Please include as much information as possible:
- Description of the issue
- Steps to reproduce
- Affected component
- Proof of Concept (if available)
- Impact assessment
- Suggested mitigation (optional)
After receiving your report we will:
- Acknowledge receipt within 72 hours
- Investigate the report
- Validate the vulnerability
- Develop a fix if confirmed
- Coordinate responsible disclosure when appropriate
Resolution times vary depending on the severity and complexity of the issue.
Please:
- Allow reasonable time for investigation and remediation before public disclosure.
- Avoid accessing or modifying data that does not belong to you.
- Avoid disrupting production services.
- Do not perform denial-of-service attacks or destructive testing.
- Do not publicly disclose vulnerabilities until a fix has been released.
The following generally do not qualify as security vulnerabilities:
- Typographical errors
- Documentation issues
- Feature requests
- Missing best practices without an exploitable impact
- Issues requiring physical access to a user's device
Contributors should:
- Never commit secrets or API keys.
- Use environment variables for sensitive configuration.
- Keep dependencies up to date.
- Run the project's security checks before submitting Pull Requests.
- Follow secure coding practices.
This repository uses automated checks including:
- GitHub CodeQL
- GitHub Actions CI
- CodeRabbit AI Review
- ESLint
- TypeScript
- Prettier
Additional security tooling may be introduced as the project evolves.
We appreciate everyone who responsibly reports security issues and helps improve the safety and reliability of Hyper Learning Tech.