If you discover a security vulnerability in TimeMachine, please do not open a public issue with details.

• Open a minimal private issue with a high-level description and request a secure contact method.
• Alternatively, email the maintainer after establishing contact in the private issue.
• We will acknowledge receipt within 5 business days and provide a timeline for the fix when possible.

We generally support the latest release of the extension and the main branch of the backend.

We ask that you give us a reasonable time to investigate and fix the issue before any public disclosure.