# Poker Republic — Security Policy
# https://datatracker.ietf.org/doc/html/rfc9116

Contact: mailto:support@poker-republic.com
Expires: 2027-05-24T00:00:00.000Z
Preferred-Languages: en
Canonical: https://www.poker-republic.com/.well-known/security.txt
Policy: https://www.poker-republic.com/legal/privacy.html

# Please report suspected vulnerabilities by email with the subject
# line beginning "SECURITY:". Include reproduction steps and any
# proof-of-concept. We aim to acknowledge reports within 72 hours.
#
# Out of scope: spam, social-engineering of users, denial-of-service
# attacks, physical attacks against infrastructure. Findings related
# to publicly-documented Firebase behavior or third-party services
# (Google Cloud, Firebase Auth, etc.) should be reported directly to
# the relevant provider.
#
# We do not currently run a paid bug-bounty program. Responsible
# disclosure is appreciated and we are happy to acknowledge reporters
# publicly upon request once a fix is shipped.