Security Policy

March 4, 2026 ยท View on GitHub

Supported Versions

Security fixes are provided for the latest release on the default branch.

Reporting a Vulnerability

Please do not open a public issue for sensitive vulnerabilities.

Use one of the following channels:

  1. GitHub Security Advisories (preferred)
  2. Private contact through repository maintainers

When reporting, include:

  • Affected component/file
  • Reproduction steps or proof of concept
  • Impact assessment
  • Suggested remediation (if available)

We will acknowledge receipt promptly and aim to provide an initial assessment within 5 business days.