We take the security of Portless.NET seriously. If you have discovered a security vulnerability, we appreciate your help in disclosing it to us in a responsible manner.

Please do not report security vulnerabilities through public GitHub issues.

Instead, please report them via one of the following methods:

1. Email: Send a detailed report to sergio@tnzservicios.es
2. GitHub Security Advisory: Use the GitHub Security Advisory feature to privately report a vulnerability

Please include the following information in your report:

• Description of the vulnerability
• Steps to reproduce the issue
• Affected versions (if known)
• Potential impact of the vulnerability
• Possible fixes (if you have suggestions)

• Acknowledgment: We will acknowledge receipt of your report within 48 hours
• Initial Assessment: We will provide an initial assessment within 5 business days
• Updates: We will keep you informed of our progress throughout the resolution process
• Resolution: Critical vulnerabilities will be addressed as a priority

We ask that you:

• Give us a reasonable amount of time to fix the issue before any public disclosure
• Make a good faith effort to avoid privacy destruction, data loss, or degradation of user experience
• Do not access or modify other users' data without permission

We believe in recognizing the contributions of security researchers. If you report a vulnerability responsibly, we will:

• Credit you in the security advisory (unless you prefer to remain anonymous)
• Thank you in our release notes

Thank you for helping keep Portless.NET and its users safe!