The following versions of Rocket.Poker are currently supported with security updates:

As this is an early-stage project, only the current version receives security updates.

We take security seriously. If you discover a security vulnerability in Rocket.Poker, please follow these steps:

1. Do not open a public GitHub issue for security vulnerabilities
2. Please report vulnerabilities through GitHub's Security Advisories
3. Include:
   • Description of the vulnerability
   • Steps to reproduce
   • Potential impact
   • Suggested fix (if any)

• Initial Response: Within 48 hours of your report
• Status Updates: Every 5-7 days until the issue is resolved
• Resolution Timeline: We aim to fix critical vulnerabilities within 14 days

• Accepted Vulnerabilities:

  • We'll work on a fix and notify you when it's ready
  • You'll be credited in the release notes (unless you prefer to remain anonymous)
  • A security advisory will be published after the fix is released

• Declined Reports:

  • We'll explain why the issue doesn't qualify as a security vulnerability
  • We may still address it as a regular bug if applicable

Rocket.Poker operates entirely within your Rocket.Chat workspace and does not collect, store, or transmit any data to external servers. All poker planning sessions, votes, and user information are stored in your Rocket.Chat database and subject to your existing Rocket.Chat privacy policies. The app only accesses user information (names, usernames) necessary to display voters and does not track or store any additional personal data.

Thank you for helping keep Rocket.Poker secure!