Security updates will typically only be applied to the latest release unless you have a support contract with Graphile and have arranged otherwise.

If you have a support contract, please raise a ticket at the help desk and we will get back to you as fast as we can.

Otherwise, please let Benjie know privately of any security vulnerabilities by emailing benjie#graphile_org. Benjie will get back to you as soon as he can; typically within 2 working days, and will discuss the future steps.

Graphile is a community-funded open-source project so we're sorry to say that we cannot afford bug bounties at this time. We can, however, send you some PostGraphile stickers ❤️ 🐘