Security fixes are provided for the latest published 1.x line.
| Version | Supported |
|---|---|
| 1.x | Yes |
| < 1.0.0 | No |
Please do not report security vulnerabilities in public issues.
Instead:
- Open a private security advisory in GitHub for this repository, if available.
- If advisories are not available, contact the maintainer privately.
Please include:
- A clear description of the issue
- Impact and affected components
- Reproduction steps or proof of concept
- Suggested mitigation (if known)
You can expect an initial response within 7 days.
- We validate and reproduce the report.
- We assess impact and affected versions.
- We prepare and release a fix.
- We publish a security advisory when appropriate.