Only the latest minor release line of collection_notifiers receives security updates.

Please do not open public GitHub issues for security reports.

Use GitHub's private vulnerability reporting instead. You should receive an acknowledgement within a few business days.

Include in your report:

• A description of the vulnerability and its impact.
• A minimal reproduction (Dart snippet or test case).
• The package version affected.
• Any proposed mitigations or fixes.

We aim to:

1. Acknowledge the report within 5 business days.
2. Provide an initial assessment within 14 days.
3. Coordinate a fix and release before public disclosure.