We release patches for security vulnerabilities. The following versions are currently being supported with security updates:
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
Please do not report security vulnerabilities through public GitHub issues.
Instead, please email the maintainers directly. We will acknowledge your email within 48 hours and send a more detailed response indicating next steps for handling your report.
Please include the following information:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- Suggested fix (if available)
We appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions.
When contributing to this project:
- Do not commit secrets, API keys, or sensitive information
- Use environment variables for configuration
- Report security issues privately, not in public issues or PRs
- Keep dependencies updated
- Follow OWASP security guidelines