We currently only provide security updates for the code residing in the main branch. If you are using an older release or a different branch, please update to the latest version of main to ensure you have the most recent security patches.

If you find a security vulnerability, please do not disclose it publicly. We take security seriously and would appreciate the opportunity to fix the issue before it is widely known.

• Private Report: Please email your findings to Brad Bazemore (sonyccd)
• Details to Include: A clear description of the vulnerability, a proof-of-concept (if possible), and the potential impact on users.

• Acknowledgement: You can expect an initial response within 48–72 hours.
• Fix Timeline: We will work to resolve the issue as quickly as possible. We may ask you to verify the fix before it is merged.
• Public Disclosure: Once the fix is merged into the main branch, we will publish a security advisory and credit you for your help (unless you wish to remain anonymous).

Thank you for helping keep the amateur radio community's tools secure!