We only support the latest stable version of this project. If you're using an older version, we strongly recommend upgrading.

If you discover a security vulnerability in this project:

1. Do not open a public GitHub issue.
2. Instead, please email us directly at security.gh@elomagic.de.
3. Include as much detail as possible:
   • Description of the vulnerability
   • Steps to reproduce
   • Impact
   • Any possible fixes or mitigations

We aim to respond to all reports within 5 business days.

We follow a responsible disclosure process:

1. Vulnerability reported privately.
2. We confirm the issue and determine a fix.
3. A patch release is prepared.
4. Public disclosure is made after users have had reasonable time to update.

• Always use the latest release.
• Avoid exposing sensitive data (API keys, secrets) in your configuration.
• Review third-party dependencies regularly.

If you responsibly disclose a valid security vulnerability, we’ll gladly credit you here (unless you prefer to remain anonymous).

Feel free to reach out if you have questions or want to help make this project more secure.