This document outlines security procedures and general policies for the Fancy Readme Stats project, a fork of the original GitHub Readme Stats by Anurag Hazra.
The Fancy Readme Stats team values the responsible disclosure of vulnerabilities and appreciates your contributions to improving the security of this project.
To report a vulnerability:
- Contact us via email:
  Send an email to the Fancy Readme Stats team at:
- If applicable, notify the original repository:
  - If the vulnerability also affects the original GitHub Readme Stats repository, please report it to the original author, Anurag Hazra, at:
- Response timeline:
  - Acknowledgment: You will receive a response from us within 24 hours.
  - Detailed follow-up: Within 48 hours, we will provide an update on the next steps and may request further information if needed.
- Progress updates:
  - We will keep you informed about progress toward identifying and fixing the issue.
If the vulnerability involves a third-party module or dependency, please report it to the maintainers of that module as well.
When the Fancy Readme Stats security team receives a vulnerability report, it follows this process:
- Assignment of a handler:
  - A team member will act as the primary contact and lead the resolution process.
- Validation and investigation:
  - Confirm the issue and assess its scope.
  - Review related code to identify similar vulnerabilities.
- Resolution process:
  - Develop, test, and implement a fix for the issue.
  - Prepare an updated release to address the vulnerability.
- Public announcement and patch release:
  - After resolving the issue, we will release a patch and notify users with details about the vulnerability and its resolution.