Currently supported versions with security updates:

We take security vulnerabilities seriously. If you discover a security issue, please follow these steps:

1. Do NOT open a public GitHub issue for security vulnerabilities
2. Send a detailed report to the project maintainers via:
   • GitHub Security Advisories (preferred)
   • Email to the repository owner

Please include as much information as possible:

• Description of the vulnerability
• Steps to reproduce the issue
• Potential impact
• Suggested fix (if you have one)
• Your contact information for follow-up

• Acknowledgment: Within 48 hours of report
• Initial Assessment: Within 7 days
• Fix Timeline: Depends on severity
  • Critical: 1-7 days
  • High: 7-30 days
  • Medium: 30-90 days
  • Low: Best effort

When using DiskOfflaner:

1. Run with Least Privilege: Only run as administrator/root when necessary
2. Verify Downloads: Check file signatures on Windows releases
3. Keep Updated: Use the latest version for security patches
4. Backup Data: Always maintain backups before disk operations
5. Review Operations: Double-check before taking disks offline

• This application requires elevated privileges to perform disk operations
• Always verify the source before running with admin/root access
• Review code or use official releases only

• Official releases are digitally signed
• Verify signatures before execution to prevent tampering
• See scripts/verify_signature.ps1 for verification

• Dependencies are regularly audited with cargo audit
• Critical vulnerabilities are addressed promptly
• See Cargo.lock for exact dependency versions

Contributors should:

• Follow secure coding practices outlined in CONTRIBUTING.md
• Run cargo clippy to catch potential security issues
• Minimize unsafe code blocks
• Document all platform-specific security implications
• Test with various privilege levels

• Security vulnerabilities will be disclosed after a fix is available
• Users will be notified via GitHub releases and security advisories
• Credit will be given to researchers who responsibly disclose issues

For security concerns, please use GitHub's security advisory feature or contact the repository maintainers directly.

Thank you for helping keep DiskOfflaner and its users safe!