Security: chirag127/ReadLaterPro-Article-Management-Browser-Extension

.github/SECURITY.md

Security Policy

Supported Versions

We actively support and provide security updates for the latest release version of ReadLaterPro-Article-Management-Browser-Extension.

Version    Supported
Latest     Yes

Reporting a Vulnerability

We take the security of our project very seriously. If you discover any security vulnerabilities, please report them responsibly to us, following these steps:

  1. Do NOT disclose the vulnerability publicly.
  2. Email us directly at security@chirag127.dev with the subject line "Security Vulnerability Report".
  3. Provide details: Include a detailed description of the vulnerability, steps to reproduce it, and any potential impact.
  4. Allow us time to fix: We aim to address valid security reports promptly. We will keep you informed of our progress.
  5. Disclosure: Once a fix is available and deployed, we may acknowledge your responsible disclosure.

Security Practices

Our development process incorporates security best practices to minimize potential risks:

  • Dependency Management: We regularly review and update project dependencies to patch known vulnerabilities. Tools like npm audit or equivalent package manager security checks are integrated into our CI pipeline.
  • Code Review: All significant code changes undergo peer review, with a focus on identifying potential security flaws.
  • Linting & Static Analysis: Automated tools (e.g., ESLint with security plugins, Ruff for Python if applicable in future iterations) are used to enforce coding standards and detect potential security issues.
  • Least Privilege: Where applicable, permissions and access are granted on a need-to-know basis.
  • Input Validation: All external inputs are validated and sanitized to prevent common attacks like Cross-Site Scripting (XSS) or injection flaws.

Browser Extension Specifics

Because this project is a browser extension, security is paramount:

  • Permissions: The extension requests only the minimum necessary permissions required for its functionality. These are clearly documented in the extension's manifest and README.
  • Data Storage: Sensitive data is stored securely, using browser-provided storage APIs (e.g., chrome.storage.local, browser.storage.local) where appropriate, and encrypted if necessary.
  • Third-Party Scripts: We limit the use of third-party scripts. Any included scripts are from trusted sources and regularly vetted.

Thank you for helping to keep ReadLaterPro-Article-Management-Browser-Extension secure!


There aren’t any published security advisories