The following versions are actively supported, including security updates.

First: thank you for engaging in responsible disclosure!

If you beleive you've found a vulnerability or other security related issue please email a complete description to jsonurl.org ``at'' gmail.com. If the issue is accepted a discussion will begin on a private Zulip channel, and you mabe be invited to participate. Once a fix is in place, and a new release is made, a GitHub security advisory will be created to make the information public.

If the vulnerability is declined a Github issue may still be created, and/or the Zulip channel may be made public, to make the discussion public if the repository owners see value in that. Otherwise, we appreciate your engagement in responsible disclosure and you are now free to disclose the information (or not) as you see fit.