This document outlines the security policies, vulnerability reporting processes, and security compliance guidelines for the Sbjiwala eCommerce Platform.
This project and its security protocols are copyrighted by Vikash kumar (@vikukumar). All Rights Reserved. No unauthorized replication or usage of this security configuration is permitted.
Only the latest release matching the active version in version.json receives security updates.
| Version | Supported |
|---|---|
| v1.x.x | ✅ |
| < v1.0 | ❌ |
If you discover a security vulnerability in this project, DO NOT open a public GitHub issue. Instead, please report it responsibly by contacting the repository owner directly:
- Contact: GitHub Profile @vikukumar (Vikash kumar)
- Email: Direct communications regarding security breaches must be sent to the owner's official address or requested via direct messages.
Please include the following information in your security report to help us evaluate the issue:
- Description: Detail the nature of the vulnerability.
- Impact: Explain the potential security risk and exploitability (e.g. Privilege Escalation, SQL Injection, OAuth token leakage).
- PoC (Proof of Concept): Provide step-by-step instructions or scripts to reproduce the issue.
- Resolution (Optional): If you have a fix or mitigation strategy, please share it.
We aim to acknowledge and address all critical vulnerability reports within 48 to 72 hours.
To protect users and stores operating on the Sbjiwala network, we follow a responsible disclosure policy. We request that you:
- Do not share details of the vulnerability publicly until a fix has been compiled and deployed.
- Give us reasonable time to mitigate the exploit before public disclosure.