We are committed to ensuring the security of CandyPack. Below is a table of our currently supported versions and their security patch status.
| Version | Supported |
|---|---|
| 0.9.x | ✅ |
We take all security vulnerabilities seriously. Thank you for improving the security of our project. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.
To report a security vulnerability, please send an email to support@candypack.dev. Do not create a public GitHub issue.
Please include the following details with your report:
- A clear description of the vulnerability.
- The version of CandyPack affected.
- Steps to reproduce the vulnerability.
- Any proof-of-concept code or screenshots.
Once the vulnerability is confirmed, we will work on a patch and release it as quickly as possible.
We look forward to working with you to make CandyPack safer for everyone.