We release patches for security vulnerabilities in the following versions:
| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.0 | ✅ |

If you discover a security vulnerability, please follow these steps:

- Do not disclose it publicly. Instead, send an email to [email protected] with the details of the vulnerability.
- Provide sufficient details. Include steps to reproduce the issue, the affected version, and any relevant logs or screenshots.
- Wait for a response. We will acknowledge receipt of your report within 48 hours and provide a timeline for addressing the issue.

We recommend keeping your dependencies up to date to avoid known vulnerabilities. Use tools like `npm audit` or `pnpm audit` to identify and resolve security issues in your dependencies.

We follow a responsible disclosure policy. If you report a vulnerability responsibly, we will credit you in the release notes unless you prefer to remain anonymous.