Pixel follows a rolling release model. Security fixes are prioritized on the main branch.

Please do not open public issues for security vulnerabilities.

Instead, report vulnerabilities privately using GitHub Security Advisories for this repository.

When reporting, include:

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Any suggested mitigation

• Initial acknowledgment: within 72 hours
• Triage and severity assessment: as soon as possible
• Fix timeline: depends on severity and complexity

After a fix is available, maintainers may publish a summary of impact, affected versions, and remediation guidance.