We support the latest major release, which is at the moment 2.0-M4. In case of direct or transitive vulnerability in that code, we'll release a new version as soon as possible. Please follow us on Twitter for release announcements, and keep your alf.io updated!
| Version | Supported |
|---|---|
| 2.0-M4 | ✅ |
| 2.0-M3 | ❌ |
| 2.0-M2 | ❌ |
| 2.0-M1 | ❌ |
We consider the "master" branch to be always a "Work in Progress", and as such it might contain vulnerabilities. Before each release we'll run an additional scan on SonarCloud and fix all the security-releated findings. That branch should not be deployed in production. If you do that, you're on your own.
Please reach out via email to security @ alf.io (remove spaces), we'll reply as soon as possible. Thank you for sharing responsibly!