We only provide security updates for the latest stable version of this project.
| Version | Supported |
|---|---|
| Latest | ✅ |
| >= v2.0 | ✅ |
| < v2.0 | ❌ |
Please do not report security vulnerabilities through public GitHub issues.
We take the security of our hardware integrations and C++ core very seriously. If you discover a potential security issue or a vulnerability, please report it privately using one of the following methods:
- GitHub Private Reporting: Use the "Report a vulnerability" button under the Security tab of this repository. This is the preferred method as it allows for a secure, private discussion.
- A description of the vulnerability.
- Steps to reproduce the issue (PoC code if possible).
- The potential impact on users or hardware.
After receiving your report, you can expect:
- An initial response within 48 hours acknowledging the report.
- A timeline for the fix and a public disclosure plan once the patch is ready.
- Credit in our release notes (if you wish) once the patch is live.
We follow a responsible disclosure policy. We ask that you do not share information about the vulnerability publicly until we have had a reasonable amount of time to provide a fix for our users.