If you discover a security vulnerability, please report it responsibly.

Do not open a public issue.

Instead, email: security@pidgn.seemsindie.com (or open a private security advisory on GitHub)

Please include:

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

• Acknowledgment: Within 48 hours
• Initial assessment: Within 1 week
• Fix or mitigation: Depends on severity

This policy covers:

• pidgn - Core web framework
• pidgn_db - Database layer
• pidgn_jobs - Background job processing
• pidgn_cli - CLI tool