The latest released version of Calendar Plus is supported. Older versions receive fixes only through the Obsidian compatibility envelope in versions.json.

If you find a security issue, please do not open a public GitHub issue.

Instead, please open a private security advisory through GitHub:

https://github.com/mattmaiorana/calendar-plus/security/advisories/new

Please include:

• A description of the issue and potential impact
• Steps to reproduce
• Affected Calendar Plus version
• Affected Obsidian version, if relevant

I’ll acknowledge receipt within a week and aim to provide a fix or mitigation timeline within a reasonable window for non-critical issues.