Use this table as the current support guide for vulnerability reports.
| Version or branch | Status |
|---|---|
main |
Supported |
| Latest beta tag | Supported |
| Older tags | Best effort only |
Do not open a public GitHub issue for a suspected security problem.
Instead, email:
Use a subject line that starts with:
[SmartAssist security]
Include:
- A clear description of the issue
- Affected version, branch, or commit
- Reproduction steps or proof of concept
- Any suggested mitigation if you have one
- Initial acknowledgement target: within 2 business days
- Status updates target: at least weekly while triage is active
- Coordination before public disclosure when a fix is needed
Please give us a chance to investigate and patch before posting details publicly. Responsible disclosure makes it easier to protect users quickly.