We are committed to ensuring the security of this project. The following table outlines the versions of the project that are actively supported with security updates:
| Version | Supported |
|---|---|
| Latest (main) | Yes |
| Older | No |
If you are using an unsupported version, we recommend upgrading to the latest version to ensure you receive security updates.
We take all security vulnerabilities seriously. If you discover a potential security issue, please follow the steps below to report it responsibly:
-
Contact Us:
- Email us at github@leetabit.dev.
- Use the subject line: "Security Vulnerability Report" for clarity.
-
Provide Details:
- Include a detailed description of the issue, including:
- Steps to reproduce the vulnerability.
- Potential impact or exploitation scenarios.
- Any proof-of-concept (PoC) code, if available.
- If possible, indicate which version(s) of the project are affected.
- Include a detailed description of the issue, including:
-
Keep It Confidential:
- Do not disclose the vulnerability publicly or share it with others until we have resolved the issue and released a patch.
-
Response Time:
- We aim to acknowledge receipt of your report within 48 hours.
- We will provide regular updates as we investigate and address the issue.
- We will work diligently to validate, fix, and release patches for reported vulnerabilities.
- Contributors who report valid vulnerabilities responsibly will be credited appropriately in the release notes (unless anonymity is requested).
This policy applies to the codebase, dependencies, and any services directly related to the project. Vulnerabilities in third-party tools or services not under our control should be reported to their respective maintainers.
Thank you for helping us make this project safe and secure for everyone.