Only the latest minor version of each major release is supported, unless that major has been explicitly marked as deprecated.
| Release type | Status |
|---|---|
| Latest minor of a maintained major | ✅ Supported |
| Older minors of a maintained major | ❌ Not supported |
| Any version of a deprecated major | ❌ Not supported |
Projects are expected to stay up to date with the latest minor version of a supported major to receive security fixes and patches.
We take the security of our software seriously.
If you believe you have found a high-impact vulnerability — something that could compromise data, infrastructure, or user safety — please report it privately by emailing:
Do not open a public issue or discuss the vulnerability in public forums. Instead, provide a detailed, private report that includes:
- A clear description of the problem
- Steps to reproduce it
- Any known impact or exploitation scenarios
We will respond within 5 business days and keep you informed as we investigate and resolve the issue.
If you’ve found a low-risk or non-critical issue (e.g. missing input validation, best practice warnings), feel free to open a public GitHub issue. These help improve the overall quality and robustness of the codebase.
We appreciate and respect responsible disclosure. If you follow these guidelines, we’ll acknowledge your contribution in the changelog or release notes (unless you ask otherwise).
Thank you for helping us maintain secure and trustworthy software.