We always recommend using the latest version of Applelink to ensure you get all security updates.

Currently, security updates are not backported to previous versions.

If you've found a security vulnerability in the Applelink codebase, you can disclose it responsibly by sending a summary to [email protected]. We will review the potential threat and get back to you within two (2) business days. We will then work on fixing it as fast as we can, followed by a public disclosure with attribution to you.

While we do not have a bounty program in place yet, we are incredibly thankful for people who take the time to share their findings with us. Whether it's a tiny bug that you've found or a security vulnerability, all reports help us to continuously improve Tramline for everyone. Thank you for your support!