| Version | Supported |
|---|---|
| 0.2.x | ✅ |
| 0.1.x | ❌ |
If you discover a security vulnerability, please report it privately:
- Do not open a public issue
- Email the maintainers or use GitHub's private vulnerability reporting
- Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We aim to respond within 48 hours and will work with you to understand and address the issue.
gitgrip interacts with:
- Git repositories - Uses your local git credentials
- GitHub API - Uses
ghCLI authentication - File system - Reads/writes to workspace directories
The tool does not:
- Store credentials
- Send telemetry
- Execute arbitrary remote code