Security

Report a vulnerability

SECURITY.md

Security Policy

Supported Versions

Version	Supported
latest	Yes
< latest	No

Reporting a Vulnerability

If you discover a security vulnerability, please report it responsibly:

DO NOT create a public GitHub issue
Use GitHub's private vulnerability reporting: Settings > Security > Advisories > Report a vulnerability

What to Include

Description of the vulnerability
Steps to reproduce
Potential impact assessment
Suggested fix (if any)

Response Timeline

Acknowledgment: Within 48 hours
Assessment: Within 7 days
Fix timeline: Depends on severity
- Critical: 72 hours
- High: 2 weeks
- Medium: 4 weeks
- Low: Next release cycle

There aren't any published security advisories