The following versions are currently supported with security updates:
| Version | Supported |
|---|---|
>= 0.0.6 |
✅ |
< 0.0.6 |
❌ |
Please use the latest version for all security-critical applications.
If you discover a security vulnerability, please do not open a public issue. Instead, report it responsibly by emailing:
v3rlq9xye (at) mozmail (dot) com
Alternatively, you may use GitHub Security Advisories for confidential reporting.
- We will acknowledge your report within 3 business days.
- We will investigate and keep you informed of progress.
- Once resolved, we will credit you (if desired) in the release notes.
- We follow a responsible disclosure process.
- Please allow us time to address the issue before public disclosure.
- We will coordinate a public announcement and release a fix as soon as possible.
All security reports and discussions are subject to our Code of Conduct.
Thank you for helping keep Candlestick and its users safe!