Only the latest major version receives security updates. Pin to the major tag
(e.g. @v1) to keep receiving them.
| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.0 | ❌ |
Please do not open a public issue for security vulnerabilities.
Report privately through GitHub's private vulnerability reporting, or email alexander@remniov.com.
Include as much detail as you can:
- A description of the vulnerability and its impact.
- Steps to reproduce or a proof of concept.
- The action version / commit affected.
You can expect an initial acknowledgement within 7 days. Once the issue is confirmed, a fix and disclosure timeline will be coordinated with you.