Currently, the latest version of the extension supported with security updates is the active main branch version and the latest published release.

We take the security of SecureStack Copilot seriously. Since this extension is designed to find security vulnerabilities, ensuring its own integrity is paramount.

If you discover a security vulnerability in this project, please do not create a public issue. Instead, report it privately.

1. Email the vulnerability details to the project maintainers. Alternatively, if GitHub Security Advisories are enabled for this repository, you may report it through the GitHub UI under the Security tab -> Advisories -> Report a vulnerability.
2. Include full details about how to reproduce the issue, the potential impact, and (if possible) a suggested fix.

We will review the issue and acknowledge your report within 48 hours. If the vulnerability is accepted, we will coordinate a fix and an advisory.

Thank you for helping keep this project safe!