The latest released version of shame is the only supported version.
Security fixes are released as patch versions on top of the current
minor.
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1 | ❌ |
Please do not open a public issue for security vulnerabilities.
Use one of the following private channels:
- Preferred: GitHub's "Report a vulnerability" form (creates a private advisory thread).
- Email: bartekdawidflis@gmail.com.
Please include:
- A description of the issue and its impact.
- Steps to reproduce, ideally with a minimal example.
- Affected version(s).
- Any suggested mitigation, if known.
Best-effort response within 7 days acknowledging the report. A disclosure timeline and embargo will be agreed before any public discussion.
Once a fix is available, a coordinated release follows: patched version, GitHub Security Advisory, and (if applicable) a CVE.