| Version | Supported |
|---|---|
| Latest stable release | ✅ |
| Latest RC / pre-release | ✅ |
| Older releases | ❌ |
Do not open a public issue for security vulnerabilities.
Please report security issues through one of:
- GitHub Security Advisories — Report a vulnerability
- Email — Contact @trudenboy directly via their GitHub profile
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgement: within 72 hours
- Initial assessment: within 1 week
- Fix or mitigation: best effort, typically within 30 days for confirmed issues
- Vulnerabilities in upstream dependencies with no exploit path through this project
- Denial-of-service on a local-only deployment (the bridge is designed for trusted home networks)
- Issues requiring physical access to the host machine
- Social engineering attacks
We follow coordinated disclosure. Once a fix is released, we will credit reporters (unless anonymity is requested) in the release notes.