Security fixes are prioritized for the latest minor release on main.
| Version | Supported |
|---|---|
| main | yes |
| < main | no |
Do not open a public issue for potential vulnerabilities.
Send a report to:
Please include:
- Vulnerability type and impact
- Affected versions and environment
- Reproduction steps or proof of concept
- Suggested mitigation, if available
- Acknowledgement: within 72 hours
- Initial triage decision: within 7 calendar days
- Remediation plan or fix ETA: within 14 calendar days when reproducible
- We will confirm severity and affected scope.
- We will prepare a fix and regression test where possible.
- We will coordinate disclosure timing with the reporter.
- We will publish release notes for patched versions.