This package has no LTS releases - this means that we will only support the latest minor release with feature updates. We have never had any security vulnerabilities and therefore we don't promise any list of versions. Instead we will determine this on a case by case basis - depending on factors like:
- vulnerable versions
- age of the versions
- usage of the versions (packagist downloads)
- effort needed to fix it in the versions
We will do our best to fix security issues as and when they become apparent. We will attempt inform all users about possible issues.
Reporting a Vulnerability
Due to the fact that security vulnerabilities could harm users, we ask that you don't use the public issue tracker to report them. Please write a mail to email@example.com. We will either create a public issue/security alert, or we will fix the vulnerability and inform users afterwards.