We will endeavour to support:
- The most recent minor release with bug fixes.
- The latest minor release from the last major version for 6 months after a new major version is released with critical bug fixes.
- All versions if a security vulnerability is found provided:
- Upgrading to a later version is non-trivial.
- Sufficient people are using that version to make support worthwhile.
If you find what you think might be a security vulnerability with pass-collaborate, please do not create an issue on github. Instead please email lyz-code-security-advisories@riseup.net I'll reply to your email promptly and try to get a patch out ASAP.