The following table lists versions and whether they are supported. Security vulnerability reports will be accepted and acted upon for all supported versions.
Version | Supported |
---|---|
3.3.x | ✅ |
3.2.x | ✅ |
3.1.x | ❌ |
3.0.x | ❌ |
2.2.x | ✅ |
< 2.2 | ❌ |
If you have found a security vulnerability, in order to keep it confidential, please do not report an issue on GitHub.
Please email us details of the vulnerability at [email protected]; include a description and proof-of-concept that is short and self-contained.
You should expect a response within a week of your email. Depending on the severity of the issue, this may require some time to draft an immediate bugfix release. Less severe issues may be held until the next release.
We do not award bounties for security vulnerabilities.