iamfarhad
diff --git a/‎.github/ISSUE_TEMPLATE/security-vulnerability.yml‎
Lines changed: 133 additions & 0 deletions b/‎.github/ISSUE_TEMPLATE/security-vulnerability.yml‎
Lines changed: 133 additions & 0 deletions
diff --git a/‎.github/PULL_REQUEST_TEMPLATE.md‎
Lines changed: 107 additions & 0 deletions b/‎.github/PULL_REQUEST_TEMPLATE.md‎
Lines changed: 107 additions & 0 deletions
@@ -0,0 +1,133 @@
+name: 🔒 Security Vulnerability Report
+description: Report a security vulnerability in the Laravel Prometheus package
+title: "[Security] "
+labels: ["security", "vulnerability", "triage"]
+assignees:
+  - iamfarhad
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        ## Security Vulnerability Report
+        
+        Thank you for taking the time to report a security vulnerability. We take security seriously and appreciate your responsible disclosure.
+        
+        **Please do not report security vulnerabilities through public GitHub issues.**
+        
+        For serious security vulnerabilities, please email: farhad.pd@gmail.com
+
+  - type: checkboxes
+    id: preliminary-checks
+    attributes:
+      label: Preliminary Checks
+      description: Please verify the following before submitting
+      options:
+        - label: I have searched for existing security reports
+          required: true
+        - label: This is a security vulnerability, not a general bug
+          required: true
+        - label: I understand this should not be a public issue for serious vulnerabilities
+          required: true
+
+  - type: dropdown
+    id: severity
+    attributes:
+      label: Severity Level
+      description: How severe is this vulnerability?
+      options:
+        - Low (Minor information disclosure)
+        - Medium (Moderate impact on security)
+        - High (Significant security impact)
+        - Critical (Immediate security threat)
+    validations:
+      required: true
+
+  - type: dropdown
+    id: category
+    attributes:
+      label: Vulnerability Category
+      description: What type of vulnerability is this?
+      options:
+        - Injection (SQL, Command, etc.)
+        - Cross-Site Scripting (XSS)
+        - Authentication/Authorization
+        - Information Disclosure
+        - Dependency Vulnerability
+        - Configuration Issue
+        - Other
+    validations:
+      required: true
+
+  - type: textarea
+    id: description
+    attributes:
+      label: Vulnerability Description
+      description: Provide a clear description of the vulnerability
+      placeholder: |
+        Describe the vulnerability:
+        - What is the issue?
+        - How can it be exploited?
+        - What is the potential impact?
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: Steps to Reproduce
+      description: Provide step-by-step instructions to reproduce the vulnerability
+      placeholder: |
+        1. Install the package with...
+        2. Configure...
+        3. Execute...
+        4. Observe...
+    validations:
+      required: true
+
+  - type: textarea
+    id: environment
+    attributes:
+      label: Environment Information
+      description: Provide details about your environment
+      placeholder: |
+        - Package Version: 
+        - PHP Version: 
+        - Laravel Version: 
+        - Operating System: 
+        - Additional Dependencies: 
+    validations:
+      required: true
+
+  - type: textarea
+    id: impact
+    attributes:
+      label: Security Impact
+      description: Describe the potential security impact
+      placeholder: |
+        - What data could be compromised?
+        - What systems could be affected?
+        - What privileges could be escalated?
+
+  - type: textarea
+    id: mitigation
+    attributes:
+      label: Suggested Mitigation
+      description: If you have suggestions for fixing the vulnerability, please share them
+      placeholder: |
+        - Potential fixes
+        - Workarounds
+        - Best practices to prevent similar issues
+
+  - type: checkboxes
+    id: disclosure
+    attributes:
+      label: Responsible Disclosure
+      description: Please confirm your commitment to responsible disclosure
+      options:
+        - label: I will not publicly disclose this vulnerability until it has been addressed
+          required: true
+        - label: I will provide reasonable time for the maintainers to fix the issue
+          required: true
+        - label: I understand this report may be shared with relevant security teams
+          required: true
@@ -0,0 +1,107 @@
+# Pull Request
+
+## Description
+Brief description of what this PR does.
+
+## Type of Change
+<!-- Please mark the relevant option with an "x" -->
+- [ ] 🐛 Bug fix (non-breaking change which fixes an issue)
+- [ ] ✨ New feature (non-breaking change which adds functionality)
+- [ ] 💥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] 📚 Documentation update
+- [ ] 🎨 Code style/formatting changes
+- [ ] ♻️ Refactoring (no functional changes)
+- [ ] ⚡ Performance improvement
+- [ ] 🔒 Security fix
+- [ ] 🧪 Test improvements
+- [ ] 🔧 Build/CI changes
+
+## Related Issues
+<!-- Link to any related issues -->
+Fixes #(issue number)
+Related to #(issue number)
+
+## Changes Made
+<!-- Detailed description of changes -->
+- Change 1
+- Change 2
+- Change 3
+
+## Testing
+<!-- How was this change tested? -->
+- [ ] Unit tests pass
+- [ ] Integration tests pass
+- [ ] Manual testing completed
+- [ ] New tests added for new functionality
+
+### Test Coverage
+- [ ] All new code is covered by tests
+- [ ] No decrease in overall test coverage
+- [ ] Edge cases are tested
+
+## Performance Impact
+<!-- Does this change affect performance? -->
+- [ ] No performance impact
+- [ ] Performance improvement
+- [ ] Performance regression (explain below)
+
+**Performance Notes:** 
+<!-- If applicable, describe performance changes -->
+
+## Security Considerations
+<!-- Any security implications? -->
+- [ ] No security implications
+- [ ] Security improvement
+- [ ] Potential security impact (explain below)
+
+**Security Notes:**
+<!-- If applicable, describe security changes -->
+
+## Breaking Changes
+<!-- If this is a breaking change, describe what breaks and migration path -->
+- [ ] This PR introduces breaking changes
+
+**Breaking Change Details:**
+<!-- Describe what breaks and how to migrate -->
+
+## Documentation
+<!-- Documentation changes -->
+- [ ] Documentation updated
+- [ ] No documentation changes needed
+- [ ] Documentation update required (create issue)
+
+## Checklist
+<!-- Please mark completed items with an "x" -->
+- [ ] My code follows the project's style guidelines
+- [ ] I have performed a self-review of my code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] New and existing unit tests pass locally with my changes
+- [ ] Any dependent changes have been merged and published
+
+## Screenshots/Examples
+<!-- If applicable, add screenshots or code examples -->
+
+## Additional Notes
+<!-- Any additional information that reviewers should know -->
+
+---
+
+## For Reviewers
+<!-- This section is for reviewers -->
+
+### Review Focus Areas
+- [ ] Code quality and style
+- [ ] Test coverage and quality
+- [ ] Performance implications
+- [ ] Security considerations
+- [ ] Documentation accuracy
+- [ ] Breaking change impact
+
+### Security Review
+- [ ] No sensitive data exposed
+- [ ] Input validation appropriate
+- [ ] Authorization checks in place
+- [ ] Injection vulnerabilities checked