We release updates on the main branch. Please use the latest version for security patches.
| Version | Supported |
|---|---|
| main | ✅ Supported |
| < main | ❌ Not supported |
If you discover a security vulnerability in this project:
- Do not open a public issue.
- Contact the maintainers
- Provide as much detail as possible:
- Steps to reproduce
- Affected commit(s) or version(s)
- Potential impact
We aim to respond within 72 hours, confirm receipt, and keep you updated throughout remediation.
We appreciate responsible disclosure. Please allow us time to fix issues before making them public. Contributors who report valid security issues may be credited in the release notes.
- Always update to the latest release
- Avoid committing secrets or tokens
- Run tests (
npm test) after upgrading dependencies - Use
commitrix validatein CI/CD pipelines