This project is not yet GA (v1.0.0) and thus all versions will get security updates.
| Version | Supported |
|---|---|
| All | ✅ |
Please do not report security vulnerabilities through public GitHub issues.
We use GitHub's private vulnerability reporting feature. To report a vulnerability:
- Go to the Security tab of this repository.
- Click "Report a vulnerability" under the "Advisories" section.
- Fill in the details of the vulnerability, including steps to reproduce, impact, and any suggested fix.
We will acknowledge receipt within 48 hours and aim to provide a resolution timeline within 7 days.
If you are unable to use GitHub's private reporting, you may contact the maintainers directly via the contact information listed in the repository profile.
- Description of the vulnerability and its potential impact
- Steps to reproduce the issue
- Any proof-of-concept or exploit code (if applicable)
- Suggested fix or mitigation (if known)
We follow a coordinated disclosure process. We ask that you:
- Give us reasonable time to address the issue before public disclosure
- Avoid exploiting the vulnerability beyond what is necessary to demonstrate it
We will credit reporters in the security advisory unless they prefer to remain anonymous.