The following versions of the project are currently being supported with security updates.

Please do not submit an issue on GitHub for a security vulnerabilities.

To protect users, we request responsible disclosure via email. Please email me directly at kasim.ahmic[at]gmail.com.

Please include as much of the information listed below as you can to help us better understand and resolve the issue:

• The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
• Full paths of source file(s) related to the manifestation of the issue
• The location of the affected source code (tag/branch/commit or direct URL)
• Any special configuration required to reproduce the issue
• Step-by-step instructions to reproduce the issue
• Proof-of-concept or exploit code (if possible)
• Impact of the issue, including how an attacker might exploit the issue

• Acknowledgment: You will receive confirmation within 72 hours of your report.
• Investigation & Fix: I aim to release a fix within 30 days, depending on severity.
• Disclosure: I prefer coordinated disclosure. I request that you do not publicly disclose until a fix is available. If no response is received within 30 days, you may disclose responsibly.