Currently we don't have any stable versions, but if we ever add a stable version this will be the only additional supported version besides the master branch version. The master branch is always up-to-date and should therefore be free of any security issues (there is no guarantee that this is actually the case). If you find any issue in stable or master please report them!
| Version | Supported |
|---|---|
| master | ✅ |
| stable | ✅ |
| oldstable | ❌ |
Please report any non-critical security issues in a ticket. If you find a cirital error, which can cause a security breach or denial of service, please contact me directly (@SetZero) or open a draft security advisory.
Please write the exact steps to reproduce the vulnerability including (if necessary) your environment and possible outcomes of the issue.
You may write a ticket or publish the issue, if I don't write you back within a month.
If the vulnerability is accepted I will try the give you an approximate timeframe up until the issue will be resolved. If the issue isn't resolved within that timeframe and I haven't written back that it might take longer you are free to publish the vulnerability. If a vulnerability has been declined and you think that I misunderstood the severity you may write back and explain it again. If I still decline the vulnerability you are free to publish it.