Currently, only the version on the default branch will receive security fixes. This will be the policy until version 1.0. Then, the most recent 1.x version will receive security updates.

Once we reach version 2.0, at least one previous major version will continue to receive security updates.

Please report security vulnerabilities to security@kooi.me. We will try to reply as soon as possible to coordinate a fix.