Security Policy Supported Versions Only the latest version will get security updates. Reporting a Vulnerability Make a new issue if there is any undetected vulnerability (not reported by dependabot). It should normally be fixed within a two weeks, but it may take longer.