Only the current master branch and the current production deployment receive security fixes.
| Version or branch | Supported |
|---|---|
master |
Yes |
| Older commits, forks, or untagged snapshots | No |
Report security vulnerabilities through GitHub private vulnerability reporting or a GitHub Security Advisory for this repository.
Do not file public GitHub issues, discussions, or pull requests for sensitive vulnerabilities.
Include:
- Affected URL, route, API, or component.
- Steps to reproduce.
- Expected impact.
- Relevant logs, screenshots, or request/response samples.
Do not include real secrets, tokens, private keys, or production credentials in the report.
We will review valid reports privately and coordinate fixes before public disclosure when needed.