We release patches for security vulnerabilities for the following versions:
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
If you discover a security vulnerability, please do the following:
- Do NOT open a public issue
- Email security details to: [your-email@example.com]
- Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes
We will respond within 48 hours and work with you to address the issue.
This project follows security best practices:
- Regular dependency updates
- CodeQL security scanning
- No sensitive data in repository
- Secure CI/CD pipeline
- Regular security audits
- Security issues are kept confidential until patched
- We will notify affected users after a fix is released
- Credit will be given to reporters (if desired)
Thank you for helping keep this project secure!