Only the latest release is actively maintained. Older versions do not receive security fixes.
| Version | Supported |
|---|---|
| Latest | ✅ |
| Older | ❌ |
Do not open a public GitHub issue for security vulnerabilities.
Use one of these channels:
- GitHub private advisory (preferred): Report a vulnerability
- Email: lucas.diassantana@gmail.com — subject line
[Lucky] Security
- Description of the vulnerability and potential impact
- Steps to reproduce or a proof-of-concept
- Affected version(s)
- Any suggested mitigations (optional)
This is a solo-maintained project. I aim to:
- Acknowledge reports within 48 hours
- Provide an assessment (valid / not applicable) within 7 days
- Release a fix for confirmed vulnerabilities as soon as reasonably possible
I'll credit reporters in the release notes unless you prefer to remain anonymous.