Skip to content

Security: nathansutton/chad

Security

SECURITY.md

Security Policy

Supported version: the latest main. chad is pre-1.0 and single-user; fixes land on main, not on backported releases.

Reporting a vulnerability: report privately via GitHub Security Advisories — the "Report a vulnerability" button on the repo's Security tab — not a public issue.

CodeQL and a dependency audit already run in CI on every push (.github/workflows/codeql.yml, .github/workflows/security.yml).

There aren't any published security advisories