If you discover a security vulnerability in CheckMate, please report it responsibly.

Do not open a public GitHub issue for security vulnerabilities.

Instead, please use GitHub's private vulnerability reporting feature on this repository.

• A description of the vulnerability.
• Steps to reproduce the issue.
• The potential impact.
• Any suggested fixes (if applicable).

• An acknowledgment of your report within 7 days.
• An assessment and planned fix timeline.
• Credit in the fix (unless you prefer to remain anonymous).

Security updates are applied to the latest version of the project on the main branch.

• Keep dependencies up to date.
• Never commit secrets, credentials, or API keys to the repository.
• Use environment variables or secure configuration for sensitive values.