We release patches for security vulnerabilities. Which versions are eligible for security updates?
| Version | Supported |
|---|---|
| 2025.1.0 | ✅ |
If you discover a security vulnerability within this project, please follow these steps:
- You can:
- Open a security issue with the 'Security' label
- Create a pull request with a patch
- Send an email to alpernae@proton.me
We welcome all responsible security disclosures through any of these channels. 2. Include the following information in your email: - A description of the vulnerability. - Steps to reproduce the vulnerability. - Any potential impact or exploit scenarios. 3. We will acknowledge receipt of your email within 48 hours and will work with you to understand and resolve the issue promptly.
We appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions.
We follow responsible disclosure guidelines to ensure that vulnerabilities are addressed promptly and that users are informed about potential risks. We request that you:
- Give us a reasonable amount of time to address the issue before making any information public.
- Avoid exploiting the vulnerability for any reason.
- Act in good faith to avoid privacy violations, destruction of data, and interruption or degradation of our services.
There are no known security issues at the moment.
Thank you for helping to keep this project secure.