# Security Policy

## Reporting a Vulnerability

If you discover a vulnerability, please report it privately through the [GitHub Security tab](https://github.com/everfu/hexo-theme-solitude/security/advisories/new) on the appropriate repository. For detailed instructions, refer to this [documentation](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability). If you're unable to report via GitHub, you can email us at [o@everfu.org](mailto:o@efu.me).

We take security seriously and will verify and resolve any reported vulnerabilities promptly.

To minimize risks, always use the latest version of the theme and dependencies. Keep your lock files (`yarn.lock`, `package-lock.json`) up to date to ensure maximum security.