14 lines
835 B
Markdown
14 lines
835 B
Markdown
# SECURITY POLICY
|
|
|
|
## Supported Versions
|
|
|
|
When a new **minor** version (`5.x`) is released, the previous one will continue to receive security and bug fixes for *at least* 3 months.
|
|
|
|
When a new **major** version is released (`4.0`, `5.0`, etc), the previous one will receive bug fixes for *at least* 3 months and security updates for 6 months after that new release comes out.
|
|
|
|
(This policy may change in the future and exceptions may be made on a case-by-case basis.)
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you discover a security vulnerability within this package, please use the [Tidelift security contact form](https://tidelift.com/security) or email Colin O'Dell at <colinodell@gmail.com>. All security vulnerabilities will be promptly addressed. Please do not disclose security-related issues publicly until a fix has been announced.
|