CropVector is a personal project maintained by the developer behind the GitHub account Ryson-Theo. It is not operated as a corporate product.
We actively maintain security updates for the following versions of CropVector:
| Version | Status |
|---|---|
1.x.x |
π’ Active Support |
0.x.x |
π‘ Security Fixes Only |
< 0.x |
π΄ Not Supported |
If you are using an unsupported version, we strongly recommend upgrading to the latest release.
If you discover a security vulnerability, please do not open a public issue.
Instead, report it privately so we can address it responsibly.
Email: rysontheo@proton.me
When reporting, please include:
- A clear and concise description of the vulnerability.
- Steps to reproduce the issue.
- Any relevant logs, screenshots, or proof-of-concept code.
- The impact or potential risk of the vulnerability.
We will acknowledge your report within 48 hours and provide updates as we work on a fix.
To help keep the project secure while contributing:
- Never commit
.envfiles or private API keys. - Avoid logging sensitive user data (passwords, tokens, payment info).
- Validate and sanitize all user input before processing.
- Use HTTPS for all network requests in production.
- Follow the principle of least privilege when configuring API keys and service accounts.
We deeply appreciate researchers and contributors who help strengthen platform security.
Please do:
- β Report vulnerabilities privately
- β Allow maintainers time to fix the problem
- β Avoid deliberately exploiting the vulnerability
Please do not:
- β Publicly disclose the vulnerability before a fix is released
- β Use the vulnerability to access private user data
- β Perform stress tests, DDoS attempts, or destructive attacks
Your efforts help keep CropVector safe, reliable, and trusted by users.
We appreciate your commitment to security.