<!--
 - SPDX-FileCopyrightText: 2024 LibreCode coop and contributors
 - SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Security Policy

## Reporting a Vulnerability

If you discover a vulnerability in our system, please use the following process:

1. **Where to Report:** Submit your report via the [GitHub private reporting feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability).
2. **Updates:** Expect an initial response within 48 hours.
3. **Review Process:** We'll personally review your report and may contact you for further information.
4. **Outcome:** You will be informed whether the vulnerability has been accepted or declined. If accepted, We'll work on implementing a fix.

Your contributions to the security of this project are greatly appreciated.