This document outlines security procedures and general policies for TabMerger.

I take all security bugs extremely seriously. Thank you for improving (or wanting to improve) TabMerger's security. I appreciate your efforts/responsible disclosure and will make every effort to acknowledge your contributions.

Report security bugs by emailing me (repository owner/maintainer) at [email protected].

I will acknowledge your email within 24 hours, and will send a more detailed response within 48 hours indicating the next steps in handling your report. After the initial reply to your report, I will keep you informed of the progress towards a fix and full announcement, and may ask for additional information and/or guidance.

Note: You should report security bugs in third-party modules to the person or team maintaining that module.

When I receive a security bug report, I will assign it to a primary handler (either myself or a trustworthy contributor). This person will coordinate the fix and release process, involving the following steps:

• Confirm the problem and determine the affected versions.
• Audit code to find any potential similar problems.
• Prepare fixes for all releases still under maintenance.
• Release above-mentioned fixes as soon as possible to both production and public environments.