Only the latest version of the Stellar Bounty Board is currently supported with security updates.

Please do not open a public GitHub issue for security vulnerabilities.

If you discover a potential security issue, please report it privately by emailing [Insert Email or Use GitHub Private Reporting]. We appreciate your help in keeping the Stellar ecosystem safe.

• Acknowledge: We will acknowledge receipt of your report within 48 hours (SLA).
• Triage: We will provide a status update after initial triage.
• Disclosure: We follow a responsible disclosure timeline of 90 days before public release, though we aim to fix critical issues much faster.

This repository runs GitHub CodeQL on the javascript language (which covers both JavaScript and TypeScript) for every push and pull request to main, plus a weekly scheduled scan. The workflow is defined at .github/workflows/codeql.yml and uses the security-extended and security-and-quality query suites. Alerts surface in the Security tab of the repository. Enter