If you believe you have found a security vulnerability within C3X, please let us know right away. We'll try and fix the problem as soon as possible.
Do not report vulnerabilities using public GitHub issues. Instead, email security@c3x.dev with a detailed account of the issue. Please submit one issue per email, this helps us triage vulnerabilities.
Once we've received your email we'll keep you updated as we fix the vulnerability.
We release patches for security vulnerabilities as soon as they are found and fixed. Please refer to the below table to understand which CLI versions are eligible for security patches.
| Version | Supported |
|---|---|
| 0.10.x | ✅ |
| 0.9.x | ✅ |
| < 0.9.0 | ❌ |