Security

SECURITY.md

Security Policy — Sawaka

🔐 Reporting a Vulnerability

Please do not open a public issue for security vulnerabilities.

To report a vulnerability, contact:

security@sawaka.org

We aim to respond within 48 hours.

🛠 Supported Versions

Version	Supported
main	✔ Supported
other branches	❌ Not guaranteed

🧪 Recommended Security Practices

Never expose API keys
Always use .env files (never commit them)
Apply the principle of least privilege

There aren’t any published security advisories