If you discover a security vulnerability in dscan, please report it responsibly:
Preferred method: Use GitHub's private vulnerability reporting (Security tab → "Report a vulnerability").
Alternative: Email mina.sameh.lameh@gmail.com
Please do not open a public GitHub issue for security vulnerabilities.
When reporting, please provide:
- Affected version(s) and operating system(s)
- Steps to reproduce the vulnerability
- Potential impact (severity assessment if possible)
- We aim to acknowledge reports within a few days
- As a volunteer-maintained project, fixes are best-effort
- We practice coordinated disclosure — please allow the maintainer reasonable time to develop and release a fix before public disclosure
| Version | Supported |
|---|---|
| Latest | ✅ Security fixes |
| Older | ❌ Unsupported |
Only the latest released version receives security patches.
dscan operates entirely locally on your system. It does not upload files, directories, or any data to remote servers. The tool contains no telemetry or tracking.