Security

SECURITY.md

Security Policy

Supported Versions

This project is pre-1.0. Security fixes are applied on the default branch.

Reporting a Vulnerability

Please do not open public issues for security vulnerabilities.

Report privately with:

Reproduction steps
Impact assessment
Suggested mitigation (if known)

If GitHub Security Advisories are enabled, use private vulnerability reporting there.

Response Targets

Initial acknowledgment: within 72 hours
Triage decision: within 7 days
Fix timeline: depends on severity and complexity

There aren’t any published security advisories