If you have discovered a security vulnerability in any of the AristurlteDev projects, please report the vulnerability privately to aristurtledev@gmail.com. We ask that you do this privately and allow us a chance to patch the vulnerability and push an update for existing users. After a security vulnerability is reported and verified, our policy is to perform the following:

1. Patch the release branch of the repository in question to eliminate the vulnerability
2. Issue a new security fix release of the current version
3. Issue a public statement through the following channels
   • If the project has a public website, a statement will be issued on the home page of the site for the project
   • If the project has a discord server, a statement will be issued on the discord server of the project.
   • A public statement will be issued on the AristurlteDev Twitter account.

Please report any security vulnerabilities privately to aristurtledev@gmail.com. Once reported, we will work with you on verifying the vulnerability.

When reporting a security vulnerability, please provide the following information. You can copy/paste the following as a template

1. The name of the project or GitHub repository that contains the security vulnerability.
2. A description of the vulnerability
3. Steps that can be used to recreate the vulnerability.
4. Any additional information you may think is relevant (no matter how small).