
Security: tim-dickey/trivia-app

SECURITY.md

Security Policy

Supported Versions

Version Supported End of Life
0.x Supported until 1.0.0 is released
< 0.1.0 Unsupported

Before 1.0.0, we support security fixes for the current 0.x release line. Older pre-release versions may not receive patches once superseded by a newer 0.x release. After 1.0.0, this table and the project's end-of-life policy will be updated to reflect the supported stable release lines.

Reporting a Vulnerability

We take security very seriously. If you discover a security vulnerability, please report it responsibly to avoid putting the entire community at risk.

How to Report

Please do not open a public GitHub issue for security vulnerabilities. Instead, please use GitHub's built-in "Report a vulnerability" feature on the Security tab of this repository. This creates a private security advisory that only the maintainers can see.

Include as much detail as possible:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if you have one)

Response Timeline

  • Initial Response: We will acknowledge your report within 48 hours
  • Assessment: We will investigate and provide an initial assessment within 5 business days
  • Fix and Release: Critical vulnerabilities will be prioritized and patched as quickly as possible
  • Disclosure: We will work with you on a responsible disclosure timeline before any public announcement

Security Best Practices

When using this application:

  • Keep the application updated with the latest security patches
  • Report any suspicious activity or potential security issues immediately
  • Use strong authentication credentials
  • Follow the principle of least privilege when granting permissions

Security Contact

For security concerns, please contact the project maintainers securely via GitHub's vulnerability report feature or email.

There aren't any published security advisories