We take the security of Styleframe and its users seriously. Thank you for helping keep the project and its community safe.
| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.0 | ❌ |
Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.
Instead, report them privately using one of the following:
- GitHub Security Advisories (preferred) — open the repository's Security tab and choose Report a vulnerability. This keeps the report private until a fix is released.
- Email — write to alex@styleframe.dev if you cannot use private advisories.
Please include as much of the following as you can:
- The affected package(s) and version(s)
- A description of the vulnerability and its potential impact
- Steps to reproduce, or a minimal proof of concept
- Any suggested mitigation, if you have one
- We aim to acknowledge your report within 72 hours.
- We will keep you informed as we investigate and work on a fix.
- We follow coordinated disclosure: please give us a reasonable window to release a fix before any public disclosure, and we will credit you in the advisory unless you prefer to remain anonymous.
Thank you for contributing to the security of Styleframe.