| Version | Supported |
|---|---|
| 0.x.x | Yes (development) |
Once we reach v1.0, we will maintain security updates for the current major version and one previous major version.
Please do NOT report security vulnerabilities through public GitHub issues.
-
Preferred: Use GitHub Security Advisories to report vulnerabilities privately.
-
Alternative: Email the repository owner directly at matejg03@gmail.com.
When reporting a vulnerability, please include:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Potential impact assessment
- Any suggested fixes (optional but appreciated)
| Action | Timeframe |
|---|---|
| Initial acknowledgement | Within 48 hours |
| Preliminary assessment | Within 1 week |
| Fix development | Depends on severity and complexity |
| Security advisory publication | After fix is available |
-
Acknowledgement: We will acknowledge receipt of your report within 48 hours.
-
Communication: We will keep you informed of our progress and may ask for additional information.
-
Credit: Unless you prefer to remain anonymous, we will credit you in our security advisory and release notes.
-
Disclosure: We follow responsible disclosure practices. We ask that you give us reasonable time to address the issue before any public disclosure.
This security policy was last updated on 2026-03-08.