Security fixes are provided for the latest code on the main branch.
Older snapshots, forks, and custom deployments may not receive fixes.
| Version | Supported |
|---|---|
| main | ✅ |
| older | ❌ |
Please report vulnerabilities privately using GitHub's private vulnerability reporting for this repository.
When reporting, include:
- Affected component and version/commit.
- Reproduction steps or proof of concept.
- Impact assessment.
- Suggested mitigation (if available).
- Initial acknowledgment: within 3 business days.
- Triage decision: within 7 business days.
- Status updates: at least weekly until resolution.
Please do not open public issues for undisclosed vulnerabilities.