The PyExe Builder Professional project currently supports the latest release. Security updates will be applied to the main branch and included in subsequent releases.

We take the security of the PyExe Builder Professional project seriously. If you discover a security vulnerability, please report it responsibly by following these steps:

1. Do Not Disclose Publicly: Avoid disclosing the issue in public forums, such as GitHub issues, until it has been addressed.
2. Contact the Maintainer: Send a detailed report to the project maintainer at @VoxDroid via GitHub or through other private communication channels (e.g., email, if provided).
3. Provide Details:
   • Describe the vulnerability and its potential impact.
   • Include steps to reproduce the issue, if possible.
   • Specify the affected version or commit.
4. Expect a Response: The maintainer will acknowledge your report within 48 hours and work with you to assess and address the issue.

• Once a vulnerability is confirmed, the maintainers will prioritize and develop a fix.
• A patch will be applied to the main branch and included in the next release.
• You will be notified when the issue is resolved and credited (if desired) in the release notes or documentation, unless you prefer to remain anonymous.

To enhance the security of your local setup:

• Keep dependencies up to date by running pip install --upgrade -r requirements.txt within the virtual environment.
• Use Python 3.8+ to ensure compatibility with the latest security patches.
• Avoid exposing sensitive data in configuration files or generated executables.
• Ensure proper access controls for the application if deployed.

Thank you for helping keep PyExe Builder Professional secure!