We support the latest minor release of the current major version. Older versions may receive fixes on a best-effort basis only.

Please do not open public GitHub issues for security reports.

Report vulnerabilities via one of the following channels:

• GitHub Security Advisories (preferred)
• Email: pos@halvex.net

If you must provide proof of concept, ensure it is minimal and does not expose real customer data.

We aim to acknowledge reports within 72 hours and provide a status update within 7 days. Fixes will be released as soon as feasible. We may credit reporters unless you request otherwise.