| Version | Supported |
|---|---|
| 0.2.x | ✅ |
| < 0.2 | ❌ |
Please do not report security vulnerabilities through public GitHub issues.
Report vulnerabilities privately via GitHub Security Advisories.
Include as much of the following as possible:
- Type of issue (e.g. dependency confusion, code injection, credential exposure)
- Full paths of the source file(s) related to the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the issue
Response SLA: We aim to acknowledge reports within 2 business days and provide a remediation timeline within 7 business days.
Published CVEs will credit the reporter unless anonymity is requested.