| Version | Supported |
|---|---|
| 1.0.x | ✅ |
Please report security vulnerabilities to the maintainers privately. DO NOT open a public issue for security vulnerabilities.
- Email: Contact the maintainer
- Private GitHub Security Advisory: Use GitHub's private reporting
- Wait for acknowledgment (usually within 48 hours)
- Coordinate disclosure timeline
- Authentication/authorization bypasses
- Data exposure
- Remote code execution
- Injectable code
- Dependency vulnerabilities
- Social engineering
- Physical security
- Denial of service (baseline)
- Features marked experimental