This project strives to follow industry best practices, ensuring a balance between a high level of security and user convenience.

We are providing security updates for the following versions:

• The two most recent releases
• All releases from the last 30 days
• All master branch commits since the latest release

We appreciate your help in identifying and reporting vulnerabilities.

Please responsibly disclose any critical vulnerabilities by opening a security advisory.

If you prefer to communicate outside of GitHub, please open a security advisory asking to connect over your preferred channel like Signal, Telegram, or PGP.

For general suggestions on how to improve the security posture, please open an issue.

Please note: this is an unfunded volunteer project and can't pay any bug bounties.