| Version | Supported |
|---|---|
| x.x.x | ✅ |
| < x.x.x | ❌ |
We take the security of this project seriously. If you discover a security vulnerability, please report it responsibly.
Please do NOT report security vulnerabilities through public GitHub issues.
Instead, please report them via GitHub Security Advisories.
When reporting, please include:
- A description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes (if applicable)
- Acknowledgment: We will acknowledge receipt of your report within 48 hours.
- Updates: We will provide updates on the status of your report at least every 7 days.
- Resolution: We aim to resolve critical vulnerabilities within 30 days.
- Disclosure: We will coordinate with you on the timing of public disclosure.
We consider security research conducted in accordance with this policy to be:
- Authorized and welcome
- Conducted in good faith
- Not subject to legal action from us
Thank you for helping keep this project and its users safe.