We value the contributions of the community and welcome any input on potential security issues. To ensure the safety of our users, we encourage following the responsible disclosure practices described in this document.
Only the latest release version is supported. We use SemVer and encourage pinning only to the major version of our software and updating to the latest minor and patch versions regularly.
If you discover a security vulnerability in our repository, we encourage you to report it to us as quickly as possible. Please do not publicly disclose the details of the vulnerability until we have had a chance to address it.
- Submit vulnerability report:
  Please use the "Report a vulnerability" functionality of this GitHub repository.
  Please use the following template:
  e.g., name, email, or GitHub handle
- Response Time: We will acknowledge your report within 10 days and provide a timeline for fixing the vulnerability.
- Updates: We will keep you updated as we work on a fix. You may be asked to provide additional information or clarification.
- Disclosure: We follow a coordinated disclosure process. Once a fix is implemented, we will release it and publicly disclose the details of the vulnerability along with credits to the reporter.
Security updates will be communicated through our repository's release notes. Please ensure you stay up-to-date with the latest releases to protect your environment.