Security Policy Supported Versions Main branch is supported. Older builds are not actively maintained. Reporting a Vulnerability Email or open a private security advisory on GitHub instead of a public issue. Include reproduction steps, affected versions, and potential impact. We aim to acknowledge reports within five business days and provide a remediation plan or timeline when possible. Expectations Do not test or exploit vulnerabilities in production environments you do not own. Give us a reasonable time to investigate and fix before public disclosure.