SECURITY.md

Security Policy

Supported Versions

| Version | Supported          |
| ------- | ------------------ |
| 1.0.x   | :white_check_mark: |
| < 1.0   | :x:                |

Reporting a Vulnerability

If you discover a security vulnerability within Orbit, please send an email to choco@choco.rip. All security vulnerabilities will be promptly addressed.

Please do not publicly disclose the issue until it has been addressed by the team.

Process

  1. Email your findings to choco@choco.rip
  2. You will receive a response within 48 hours
  3. We will investigate and keep you updated on our findings
  4. Once the issue is confirmed and fixed, we will notify you
  5. We will publicly disclose the issue (if applicable)

Security Best Practices

When using Orbit:

  1. Keep your bot token secure and never commit it to version control
  2. Regularly rotate your bot token
  3. Use environment variables for sensitive information
  4. Implement proper permission checks in your commands
  5. Regularly update dependencies to patch security vulnerabilities