# 🔒 Security Policy

## Supported Versions

Only the latest version of **eBooks Books Service API** is actively maintained for security updates.

| Version        | Supported |
| -------------- | --------- |
| Latest (main)  | ✅        |
| Older releases | ❌        |

---

## 📢 Reporting a Vulnerability

If you discover a security vulnerability, please **DO NOT** open a public issue.  
Instead, report it responsibly via email:

📧 **vlphadev@gmail.com**

### Please include:

- A detailed description of the vulnerability
- Steps to reproduce
- Possible impact and suggested mitigation

You’ll receive an acknowledgment within **48 hours**, and progress updates within **5 business days**.

---

## 🛡️ Security Best Practices

When contributing code:

- Never commit secrets or credentials.
- Validate all incoming data.
- Follow the least privilege principle for AWS IAM roles.
- Use environment variables (`.env`) for sensitive data only.

---

Thanks for helping make eBooks safer for everyone 🫡