The following versions of our project are currently being supported with security updates:
| Version | Supported |
|---|---|
| 5.1.x | ✅ |
| 5.0.x | ❌ |
| 4.0.x | ✅ |
| < 4.0 | ❌ |
We take the security of our software seriously. If you believe you have found a security vulnerability, please report it to us as described below.
Instead, please report them to the maintainers directly. You can expect an initial response to your report within 48 hours, indicating the next steps in handling your submission.
After the initial reply to your report, the security team will keep you informed of the progress being made towards a fix and full announcement. This may involve validating the report and asking for additional details about the vulnerability.
If the vulnerability is confirmed, we will release a patch as soon as possible depending on complexity but historically within a few days.
If the report is not accepted, we will provide you with an explanation.
We strive to resolve all issues as quickly as possible and we ask that you make every effort to keep any discussion about any vulnerabilities that have been reported to us confidential until they have been resolved.
Thank you for helping keep our project and our users safe!