Security fixes are best-effort for the latest published release and the current default branch.
| Version | Supported |
|---|---|
| Latest release | Yes |
| Current default branch | Yes |
| Older releases | No |
Please do not open public issues for security vulnerabilities.
- Use GitHub's private vulnerability reporting feature if it is enabled for the repository.
- If private reporting is not available, contact the repository maintainer privately through GitHub.
- Include reproduction details, impact, affected versions, and any suggested fix or mitigation.
The repository maintainer will acknowledge valid reports as soon as practical, investigate the issue, and coordinate a fix and disclosure timeline.