I am currently only focusing on fixes for the current releases.
| Version | Supported |
|---|---|
| 1.4.0+ | ✅ |
| 1.3.5.1 | ✅ |
| 1.3.5 | ✅ |
| < 1.3 | ❌ |
I take security seriously and appreciate your help in keeping this project secure. Please follow these guidelines to report a vulnerability:
Submit vulnerability reports to me via email at [email protected]
- What to Include:
- Detailed description of the vulnerability
- Steps to reproduce the issue
- Affected version(s)
- Potential impact
- Any proposed solutions (optional)
- Response Process:
- You’ll receive an acknowledgment of your report within 48 hours
- I will investigate and provide an initial assessment within 5 business days
- Regular updates will be provided every 7-14 days until resolution
- Resolution Timeline:
- Critical vulnerabilities: Addressed within a few days
- High severity: Addressed within 2 weeks
- Medium/Low severity: Addressed in next scheduled release
- Outcome:
- If accepted: I’ll work on a fix and credit you (if desired) in the release notes If declined: We’ll explain why (e.g., not reproducible, out of scope, or false positive) We maintain confidentiality until the issue is resolved and disclosed responsibly For urgent issues, mark your email subject with "[CRITICAL]" to expedite review.
Thank you for helping us maintain a secure project!