See README's Security section for detailed description of internal security practices.
Version | Supported |
---|---|
>=1.0.0 | ✅ |
<1.0.0 | ❌ |
Use maintainer's email specified at https://github.com/paulmillr.
It's preferred that you use PGP key from pgp proof (current is 697079DA6878B89B). Ensure the pgp proof page has maintainer's site/github specified.
You will get an update as soon as the email is read; a "Security vulnerability" phrase in email's title would help.