| Version | Supported |
|---|---|
| 1.0.x | ✅ |
- Change the Secret Key: Always set a strong, random `SECRET_KEY` in production
- Use HTTPS: Configure SSL/TLS certificates for encrypted communication
- Firewall Configuration: Restrict access to server ports (5000, 8080)
- Regular Updates: Keep all dependencies up to date
- Input Validation: All user inputs are validated and sanitized
- Database Security: SQLite databases should have appropriate file permissions
Never commit .env files to version control. Always use .env.example as a template.
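
The key, `.env`, and database-permission items above can be checked with a short audit script. This is an added example, not part of the project's code; the placeholder list, the 32-character minimum, and the `*.db` file pattern are assumptions to adjust for your deployment.

```python
import os
import secrets
import stat
from pathlib import Path

# Constructed list of placeholder values; extend it with your template's defaults.
PLACEHOLDERS = {"", "changeme", "secret", "dev", "your-secret-key"}

def new_secret_key():  # 48 bytes from the OS CSPRNG, 64 URL-safe characters
    return secrets.token_urlsafe(48)

def parse_env(text):  # KEY=VALUE lines; blanks and # comments are skipped
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            env[key.strip()] = value.strip().strip("'\"")
    return env

def secret_key_findings(env, min_len=32):  # min_len is an assumed threshold
    key = env.get("SECRET_KEY")
    if key is None:
        return ["SECRET_KEY is not set"]
    findings = []
    if key.lower() in PLACEHOLDERS:
        findings.append("SECRET_KEY is a placeholder value")
    if len(key) < min_len:
        findings.append(f"SECRET_KEY is shorter than {min_len} characters")
    return findings

def permission_findings(path):
    """Flag files that group or other users can access (POSIX modes)."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        return [f"{path}: mode {mode:04o} is wider than owner-only (0600)"]
    return []

def audit(directory=".", db_glob="*.db"):  # db_glob is an assumed naming pattern
    root, findings = Path(directory), []
    env_file = root / ".env"
    if env_file.exists():
        findings += secret_key_findings(parse_env(env_file.read_text()))
        findings += permission_findings(env_file)
    for db in sorted(root.glob(db_glob)):
        findings += permission_findings(db)
    return findings

if __name__ == "__main__":
    print("\n".join(audit()) or "no findings")
```

Run it from the deployment directory; `new_secret_key()` produces a replacement value when the audit flags the current key.
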
Run security checks regularly:

```bash
# Install security tools
pip install safety bandit
# Check for known vulnerabilities
safety check
# Run security linter
bandit -r src/
```

Please report security vulnerabilities to: security@example.com
We will respond within 48 hours and provide updates every 72 hours until resolution.