| Version | Supported |
|---|---|
| latest | ✅ |
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report them via GitHub Security Advisories.
We will respond to your report within 7 days and will keep you informed of our progress toward a fix and public disclosure. We may ask for additional information or guidance.
After a security vulnerability is confirmed and a fix is prepared, we will:
- Release the fix as part of the next release
- Credit the reporter (unless they wish to remain anonymous)
- Publish a security advisory on GitHub
- Always change default credentials before deploying to production
- Keep all dependencies up to date
- Use HTTPS in production environments
- Review the deployment guide for secure configuration