Being a security tool, we take security seriously and strive to maintain a secure development process & use of clean components. This document outlines our approach to handling security-related issues.
We encourage responsible disclosure of security vulnerabilities in Whispr. If you believe you've found a security issue, please report it to us using the GitHub
Issues feature or via email at narenarya@live.com
.
Do not disclose security issues publicly without our permission.
When reporting a security vulnerability, please include:
- Clear description: A detailed explanation of the issue.
- Steps to reproduce: A step-by-step guide on how to reproduce the issue.
- Potential impact: An estimate of the potential impact if exploited.
- Fix suggestion: Any suggested fixes or mitigations.
When a security vulnerability is reported, our process includes:
- Acknowledgment: We'll respond to acknowledge receipt of your report and express gratitude for bringing it to our attention.
- Internal review: Our team will investigate the issue internally.
- Verification: We'll verify the existence of the vulnerability through testing or other means.
- Fix development: If the issue is confirmed, we'll develop a fix.
- Release: Once the fix is developed and tested, it will be released in a new version of Whispr.