Unfortunately, when a new commit is added, we expect most, if not all security issues to be for the latest version, not an older version -- since there is no versioning system, and I don't believe there needs to be.

As a result to this, only the latest version will receive security changes. If you made a fork of this repository without changing anything else but /src/, you can safely sync with this repository for the most part. If not, good luck I guess.

Reporting a vulnerability is as easy as:

1. Clicking the "Security" tab
2. Clicking "Report a vulnerability"
3. Typing a name and description
4. You're done!