Security fixes are applied to:
- The latest code on
main - The latest App Store release of VVTerm
Older versions may not receive security updates.
Please report vulnerabilities privately to:
vvterm@vivy.company
Use the subject prefix "[Security]" and include:
- A clear description of the issue
- Steps to reproduce (or proof of concept)
- Affected version(s), platform(s), and impact
- Any suggested remediation, if available
Please do not open public GitHub issues for security vulnerabilities.
- Acknowledgement: within 3 business days
- Initial triage: within 7 business days
- Ongoing updates: as fixes are developed and validated
After a fix is available and users have had reasonable time to update, we may publish a public advisory describing:
- Affected components/versions
- Severity/impact
- Mitigation and upgrade guidance
We appreciate responsible disclosure and good-faith security research.