Security Policy
March 9, 2026 · View on GitHub
Supported Versions
This project is currently maintained on the main branch only.
| Version | Supported |
|---|---|
| main | ✅ |
Reporting a Vulnerability
If you discover a security issue, please report it privately first.
Preferred channels:
- Open a private security advisory in GitHub (if enabled).
- If private advisory is not available, open an issue with minimal details and request a private follow-up from maintainers.
Please include:
- A clear description of the vulnerability
- Affected files/endpoints/flows
- Reproduction steps or proof of concept
- Potential impact
- Suggested remediation (if available)
Response Expectations
- Initial triage target: within 3 business days
- Status update target: within 7 business days
- Fix timeline depends on severity and release constraints
We will coordinate disclosure timing after remediation is available.