iOSAppTemplates is an active starter-portfolio repository. Security reporting should focus on the maintained root package graph, standalone app roots, scripts, and public distribution surfaces that currently ship from this repository.

We prioritize security fixes for:

• the root Swift package graph from Package.swift
• template families under Sources/
• standalone app roots under Templates/
• example surfaces under Examples/
• generator and validation scripts under Scripts/
• public proof, media, release, and GitHub distribution surfaces

• Do not open a public GitHub issue.
• Prefer GitHub Security Advisories: Report a vulnerability
• If private advisory reporting is unavailable, email: muhittincamdali@gmail.com

• affected path, app root, or package target
• impact
• reproduction steps
• proof of concept or code sample
• Swift, Xcode, and OS version if relevant
• whether the issue affects:
  • the root package graph
  • a standalone app root
  • an example surface
  • a release, proof, or distribution surface

Treat the following as current guidance:

• examples and templates must never ship secrets, tokens, or production credentials
• public docs must not overclaim privacy or security guarantees that are not validated today
• standalone app roots are starter surfaces, not production-audited finished apps
• GitHub-hosted workflow status should stay truthful and green on the maintained branch
• release titles, release notes, and About-box metadata are part of the public trust surface

Security reports are reviewed as quickly as possible, but this file does not promise a hard SLA.

Please allow time for triage, remediation, validation, and release preparation before public disclosure.

• SUPPORT.md
• CONTRIBUTING.md
• Documentation/GitHub-Distribution.md
• Documentation/Release-Process.md