Security

Report a vulnerability

SECURITY.md

Security Policy

Reporting a vulnerability

Please do not open a public issue for security vulnerabilities.

Instead, contact the maintainer privately with:

A description of the issue
Steps to reproduce
Possible impact
Any suggested fix

Supported versions

Dift is currently pre-1.0. Security fixes will target the latest released version.

Scope

Security issues may include:

Unsafe file handling
Unexpected code execution
Dependency vulnerabilities
Sensitive data exposure in reports

There aren't any published security advisories