Use this section to tell people about which versions of your project are currently being supported with security updates.

We take the security of SikshaLink seriously. If you believe you've found a security vulnerability, please follow these steps:

1. Do not disclose the vulnerability publicly
2. Email us directly at ratnaiiitg@gmail.com
3. Include detailed information about the vulnerability and steps to reproduce
4. Wait for a response - We aim to respond within 48 hours

Once you've submitted a vulnerability report, here's what will happen:

• We'll acknowledge receipt of your report within 48 hours
• We'll provide a detailed response indicating the next steps in handling your submission
• We'll keep you informed of our progress as we address the issue
• After the vulnerability has been fixed, we may ask you to validate the fix

At this time, we don't offer a formal bug bounty program. However, we will acknowledge security researchers who report valid vulnerabilities in our CONTRIBUTORS.md file (unless you wish to remain anonymous).

• Never commit sensitive information (passwords, API keys, etc.)
• Follow secure coding practices
• Regularly update dependencies to address known vulnerabilities
• Write tests that validate security assumptions
• Review code for common security issues before submitting PRs