If you discover a security vulnerability in php-aegis, please report it responsibly.

1. Do not open a public GitHub issue
2. Report via GitHub Security Advisories (preferred)
3. Or contact the maintainer via GitHub profile

• Description of the vulnerability
• Steps to reproduce
• Potential impact assessment
• Suggested fix (if any)

• Acknowledgment within 48 hours
• Status update within 7 days
• Credit in security advisory (unless you prefer anonymity)
• 90-day disclosure window

php-aegis is built with these principles:

• Defense in Depth: Multiple layers of validation
• Fail Secure: Errors deny access rather than grant it
• Least Privilege: Methods do minimum necessary
• Input Validation: All input treated as untrusted

Published at: https://github.com/hyperpolymath/php-aegis/security/advisories