Only the latest release tagged under Semantic Versioning gets security fixes. Older tags are unsupported.
Email ianpike98(at)gmail(dot)com with:
- What you found
- Steps to reproduce
- Impact you expect
Do not open a public issue for an unfixed vulnerability.
We aim to acknowledge within 7 days and send a rough fix timeline when the report checks out.
- Reproduce and confirm
- Decide severity
- Patch on
dev, ship in the next release if needed - Credit the reporter in the advisory unless they want anonymity
Security questions: ianpike98(at)gmail(dot)com