Only the latest release of feed-repeat is supported with security updates.

If you discover a security vulnerability in feed-repeat, please report it privately rather than opening a public issue.

Preferred channels, in order:

1. GitHub private security advisory: open one at https://github.com/abhin4v/feed-repeat/security/advisories/new.
2. Email: abhinav@abhinavsarkar.net.

Please include:

• A description of the vulnerability and its potential impact.
• Steps to reproduce, or a minimal proof of concept.
• The version (or commit) of feed-repeat you tested against.

You can expect an initial response within a reasonable time. Once a fix is available, it will be released and the advisory published. Credit will be given to the reporter unless you prefer otherwise.