Skip to content

Security: darsonbjf/request-forms-platform

Security

SECURITY.md

Security Policy

This repository is a public portfolio application and must not contain real credentials, private keys, database dumps or internal infrastructure details.

Supported Branch

Security fixes are applied to main.

Handling Secrets

  • Keep .env, mysecrets.yml, private keys and database dumps out of Git.
  • Use .env.example and mysecrets.yml.example only with placeholder values.
  • Rotate any credential that was ever committed before publishing.
  • Do not publish logs containing user data, tokens, IPs from private networks or production hostnames.

Reporting

Open a private report or contact the maintainer before publishing details about credential exposure or security vulnerabilities.

There aren't any published security advisories