Security: jeet2005/Nexora

SECURITY.md

Security Policy

This document outlines the security policies and reporting procedures for Nexora. We take the security of this project seriously and appreciate responsible disclosure of any vulnerabilities.

Supported Versions

Currently, security updates are actively provided for the following versions:

Version    Supported
v0.4.x     Yes
< v0.4     No

Reporting a Vulnerability

If you discover a security vulnerability in this project, please do not open a public issue. Doing so exposes the vulnerability to the public before a fix can be prepared and released.

Instead, please report the vulnerability confidentially by emailing the project maintainer:

Email: jeetsavaliya1908@gmail.com

Information to Include

To help us triage and resolve the issue quickly, please include as much of the following information as possible in your report:

  • A detailed description of the vulnerability, including its potential impact.
  • Step-by-step instructions or a proof-of-concept (PoC) script to reproduce the issue.
  • Details of the environment where the vulnerability was identified (operating system, Python version, Node version, library versions).
  • Any potential remediations or fixes you suggest.

Security Response Process

Once a vulnerability report is received, the maintainer will:

  1. Acknowledge receipt of the report within 48 hours.
  2. Investigate the issue to confirm the vulnerability and assess its severity.
  3. Keep the reporter informed of the progress toward a resolution.
  4. Prepare a security patch in a private branch.
  5. Coordinate the release of the patch and publish a security advisory if appropriate.
  6. Target a full resolution within 30 days of the initial report.

There aren't any published security advisories