This is side project of me. I only work on it on my free time. I try to do my best to keep this project working securely but I cannot guarantee any stability and security fixes or fixes for future OS version. Please consider the steps below before publishing security related bugs.

The latest version of the plugin is the only supported version right now. This might change if breaking changes (like a version 2) is introduced.

The only supported iOS version is the latest stable release. The most used Android versions are covered under a best effort basis.

You can now report security issues privately directly on GitHub.

If you encounter any security related issues please contact me via the e-mail from my Github profile before publishing it. Just hit me up that you have found a bug. You should use PGP if you want to send sensible information to me but I would prefer to use the Github tools. I will add you to the private discussion to go into detail.

I will create a new security advisory as soon as possible. Security advisories allow us to discuss the issue privatly and work on a solution before releasing any details.

Keybase is another secure channel: https://keybase.io/niklasmerz