Security updates are provided for the latest released minor line.
| Version | Supported |
|---|---|
| 0.1.x | Yes |
| < 0.1.0 | No |
Please report suspected vulnerabilities privately by email:
Do not open public GitHub issues for security vulnerabilities.
When reporting, include:
- A clear description of the issue and impact
- Steps to reproduce or a proof of concept
- Affected version(s) and environment details
- Any suggested mitigation (if known)
Our target response and disclosure expectations:
- Acknowledgement within 3 business days
- Initial triage and impact assessment within 7 business days
- Status updates at least every 14 days while remediation is in progress
- Coordinated public disclosure after a fix is available, or within 90 days of acknowledgement when possible
If active exploitation is detected, we may adjust the timeline to protect users.