Security: hotherio/streamblocks

.github/SECURITY.md

Security Policy

Supported Versions

Version Supported
0.x.x

Reporting a Vulnerability

We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly.

How to Report

Please do NOT report security vulnerabilities through public GitHub issues.

Instead, please send an email to: contact@hother.io

Include the following information in your report:

  • Description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact
  • Any suggested fixes (optional)

What to Expect

  • Acknowledgment: We will acknowledge receipt of your report within 48 hours
  • Assessment: We will investigate and assess the vulnerability within 7 days
  • Resolution: We aim to resolve critical vulnerabilities within 30 days
  • Disclosure: We will coordinate with you on public disclosure timing

Scope

This security policy applies to:

  • The Streamblocks library (streamblocks package)
  • Official documentation
  • Example code in the repository

Out of Scope

  • Third-party dependencies (please report to the respective maintainers)
  • Issues in user implementations using Streamblocks

Security Best Practices

When using Streamblocks:

  1. Keep dependencies updated: Regularly update to the latest version
  2. Validate input: Always validate and sanitize input streams
  3. Review block content: Be cautious when processing untrusted block content

Acknowledgments

We appreciate the security research community's efforts in helping keep Streamblocks secure. Contributors who report valid security issues will be acknowledged here (with permission).

There aren’t any published security advisories