Security

SECURITY.md

Security Policy

Supported Versions

Only the latest released version is considered supported for security fixes.

Reporting a Vulnerability

Please do not report security vulnerabilities in public issues.

Until repository security channels are fully configured, report vulnerabilities through a private maintainer contact channel in your organization.

Include:

A clear description of the issue
Steps to reproduce
Impact assessment
Suggested fix (if available)

Disclosure Policy

We will acknowledge receipt as soon as possible.
We will investigate and prepare a fix.
Public disclosure should happen only after a fix is available.

There aren't any published security advisories