If you think you've found a security issue in Lisse, please report it privately. Do not open a public GitHub issue for vulnerabilities.
You can report in either of these ways:
- Open a private advisory via GitHub Security Advisories (preferred).
- Email hi@ja.mt.
Please include enough detail for the issue to be reproduced: affected package and version, a minimum reproduction, and the impact you've observed.
- Initial response: within 48 hours on a best-effort basis.
- We'll confirm the issue, agree a disclosure timeline with you, and ship a fix plus advisory once a patch is ready.
- Credit is given in the advisory unless you prefer to stay anonymous.
Lisse is in 0.x. Only the latest published version is supported with security fixes.
| Version | Supported |
|---|---|
| latest | Yes |
| older | No |
Once Lisse hits 1.0, this table will expand to cover supported major lines.