The following table lists the versions of our project that are currently supported with security updates.
| Version | Supported |
|---|---|
| 1.2.0 | ✅ |
| < 1.2.0 | ❌ |
We take security vulnerabilities seriously and appreciate your efforts to responsibly disclose any issues you may find.
To report a vulnerability, please use GitHub's private vulnerability reporting feature. This allows you to communicate directly with our security team without publicly disclosing the vulnerability details.
Steps to report a vulnerability:
- Navigate to the Security tab of our GitHub repository.
- Click on "Report a vulnerability" to start the private reporting process.
- Provide as much detail as possible about the vulnerability and any potential impacts.
What to expect:
- We will acknowledge receipt of your report within 48 hours.
- Our team will review the issue and work with you to understand its impact.
- You will receive updates on the status of your report at least once every five business days.
- If the vulnerability is accepted, we will coordinate with you on an appropriate disclosure timeline.
Thank you for helping us keep our project secure!