| Version | Supported |
|---|---|
| 1.x | ✅ Fully supported |
| 0.x | ❌ No longer supported |
We currently support the latest minor release of the 1.x series. Older releases should be upgraded to receive security patches.
If you discover a security vulnerability, please contact us at [email protected]. Please do not open a public issue.
Include as much detail as possible, including:
- Steps to reproduce the vulnerability
- Potential impact
- Suggested mitigation (if available)
We will acknowledge receipt within 48 hours. After evaluation, we will work with you on a disclosure plan and release timeline.
We prefer security reports in English or Indonesian.
We follow responsible disclosure practices. Once a fix is ready, we will:
- Release a patched version via Composer.
- Publish release notes detailing the vulnerability and remediation steps.
- Credit reporters who wish to be acknowledged.