If you discover a security vulnerability in The Dev Pocket, please help us by responsibly disclosing it. Do not open a public GitHub issue.
Instead, report it privately to the maintainers:
- Email: darshan.rajput369@gmail.com
- Or contact a project maintainer directly if you know one.
We will acknowledge your report within 48 hours, investigate, and provide a timeline for a fix.
- Do not publicly disclose the issue until it has been fixed.
- Do not exploit the vulnerability.
- Do not use the issue tracker for sensitive reports.
- We will handle all reports discreetly and respectfully.
- Fixes will be prioritized and released as soon as possible.
- Credit will be given to security researchers unless they wish to remain anonymous.
We release security updates only for the latest main branch. Users should always keep their installation up-to-date.
| Version | Supported |
|---|---|
| Latest (main) | ✅ Yes |
| Older versions | ❌ No |
When using The Dev Pocket, we recommend:
- Keep your installation up-to-date with the latest version
- Review security advisories regularly
- Report any suspicious activity immediately
- Use environment variables for sensitive data (never hardcode credentials)
- Follow principle of least privilege when configuring permissions
For security concerns, reach out to: darshan.rajput369@gmail.com
Thank you for helping keep The Dev Pocket safe and secure! 🙏