| Version | Supported |
|---|---|
| 0.4.x (current) | ✅ |
| < 0.4 | ❌ |
Please do not report security vulnerabilities through public GitHub issues.
If you discover a security vulnerability, please report it through GitHub's private Security Advisories.
You can expect:
- Acknowledgement within 48 hours
- Status update within 5 business days
- Resolution as quickly as possible, depending on severity
Please include as much detail as possible:
- A description of the vulnerability and its potential impact
- Steps to reproduce or proof-of-concept code
- Affected versions
- Any suggested mitigations
We appreciate responsible disclosure and will credit reporters in the release notes unless they prefer to remain anonymous.