| Version | Supported |
|---|---|
| 1.0.x (LTS) | ✅ |
| < 1.0.0 | ❌ |
Do not open a public GitHub issue for security vulnerabilities.
Email security@nself.org with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (optional)
We will acknowledge receipt within 48 hours and provide a status update within 5 business days. Critical vulnerabilities are patched on a priority basis.
In scope: nself CLI, plugins, backend services, authentication, API endpoints, web apps
Out of scope: Third-party dependencies (report upstream), our hosted infrastructure (contact support@nself.org)
We follow coordinated disclosure. Please give us 90 days to patch before public disclosure.