Use this section to tell people about which versions of your project are currently being supported with security updates.
Version | Supported |
---|---|
Latest minor version | ✅ |
Otherwise | ❌ |
If you discover a potential security vulnerability, we kindly request that you refrain from sharing the information publicly and report it to us directly. Please send an email to [email protected] with the following details:
- Description of the potential vulnerability.
- Steps to reproduce the issue (if applicable).
- Any relevant screenshots or logs.
- Your contact information for further communication.
Alternatively, you can open a security advisory on GitHub.
Upon receiving your report, the maintainers will acknowledge receipt of your vulnerability report within 2 business days. We will then review the reported issue and strive to keep you informed about our progress towards resolving it. You can expect an update from us at least every 5 days until the issue is resolved.
The maintainers will assess the reported vulnerability and validate its existence. This process may involve a request for additional information from you. If the vulnerability is confirmed, we will classify it based on its severity and potential impact.
If your reported vulnerability is validated and leads to a change in our systems, we will acknowledge your contribution in any public disclosure, unless you request anonymity. Otherwise, if the reported issue is not accepted as a vulnerability, we will provide a detailed explanation as to why we believe it does not pose a risk to our systems or users. We value all reports and encourage you to continue to report any potential vulnerabilities you may find in the future.