Security: msalsouri/alsouri-org

SECURITY.md

Security Policy

Supported Versions

This project represents a professional portfolio website deployed via GitHub Pages. We are committed to maintaining the security and integrity of this site.

Version                 Supported
Latest (main branch)    Yes

Reporting a Vulnerability

We take the security of alsouri.co.uk seriously. If you discover a security vulnerability, please follow these steps:

Where to Report

Please report security vulnerabilities by:

  1. Email: Contact us at [email protected]
  2. Private Security Advisory: Use GitHub's private vulnerability reporting

What to Include

When reporting a vulnerability, please include:

  • Description: Clear description of the vulnerability
  • Impact: Potential impact and attack scenarios
  • Steps to Reproduce: Detailed steps to reproduce the issue
  • Proof of Concept: If applicable, proof of concept code
  • Proposed Solution: If you have suggestions for fixing the issue

Response Timeline

  • Acknowledgment: Within 48 hours of report submission
  • Initial Assessment: Within 5 business days
  • Status Updates: Every 7 days until resolution
  • Resolution Target: Critical issues within 30 days, other issues within 90 days

What to Expect

  • We will acknowledge receipt of your vulnerability report
  • We will investigate and validate the reported issue
  • We will keep you informed of our progress
  • Once resolved, we will publicly acknowledge your responsible disclosure (unless you prefer to remain anonymous)

Security Best Practices

This repository follows these security practices:

  • Branch Protection: Main branch requires pull request reviews
  • Dependency Management: Automated dependency updates via Dependabot
  • Code Scanning: Regular security scanning via CodeQL
  • Secret Scanning: Enabled to prevent credential leaks
  • HTTPS: Enforced for all site traffic
  • Regular Updates: Dependencies and workflows kept current

Security Features

GitHub Pages Security

  • Custom Domain: Configured with proper DNS settings
  • HTTPS Enforcement: SSL/TLS certificates automatically managed
  • Content Security: Static site with no server-side code execution
  • Access Control: Repository access strictly controlled

Development Security

  • Pull Request Reviews: Required before merging to main
  • Status Checks: Automated tests and security scans must pass
  • Signed Commits: Recommended for all contributors
  • Least Privilege: Repository permissions follow principle of least privilege

Disclosure Policy

  • Responsible Disclosure: We follow coordinated vulnerability disclosure
  • Public Disclosure: After 90 days or upon fix deployment, whichever comes first
  • Credit: Security researchers will be credited for responsible disclosure

Contact

Thank you for helping keep alsouri.co.uk and our users safe!