Skip to content

Security: imuniqueshiv/HyperLearningTech

Security

SECURITY.md

Security Policy

Thank you for helping keep Hyper Learning Tech secure.

We take security seriously and appreciate responsible disclosure of security vulnerabilities.


Supported Versions

Security updates are provided for the latest production version of the project.

Version Supported
Latest Main Branch ✅ Yes
Older Releases ❌ No

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub Issues or Pull Requests.

Instead, report them privately.

Security Contact

Email:

hyperlearningtech@gmail.com

Subject:

[SECURITY] Vulnerability Report

Please include as much information as possible:

  • Description of the issue
  • Steps to reproduce
  • Affected component
  • Proof of Concept (if available)
  • Impact assessment
  • Suggested mitigation (optional)

What to Expect

After receiving your report we will:

  • Acknowledge receipt within 72 hours
  • Investigate the report
  • Validate the vulnerability
  • Develop a fix if confirmed
  • Coordinate responsible disclosure when appropriate

Resolution times vary depending on the severity and complexity of the issue.


Responsible Disclosure

Please:

  • Allow reasonable time for investigation and remediation before public disclosure.
  • Avoid accessing or modifying data that does not belong to you.
  • Avoid disrupting production services.
  • Do not perform denial-of-service attacks or destructive testing.
  • Do not publicly disclose vulnerabilities until a fix has been released.

Out of Scope

The following generally do not qualify as security vulnerabilities:

  • Typographical errors
  • Documentation issues
  • Feature requests
  • Missing best practices without an exploitable impact
  • Issues requiring physical access to a user's device

Security Best Practices

Contributors should:

  • Never commit secrets or API keys.
  • Use environment variables for sensitive configuration.
  • Keep dependencies up to date.
  • Run the project's security checks before submitting Pull Requests.
  • Follow secure coding practices.

Security Tools

This repository uses automated checks including:

  • GitHub CodeQL
  • GitHub Actions CI
  • CodeRabbit AI Review
  • ESLint
  • TypeScript
  • Prettier

Additional security tooling may be introduced as the project evolves.


Acknowledgements

We appreciate everyone who responsibly reports security issues and helps improve the safety and reliability of Hyper Learning Tech.

There aren't any published security advisories