If you think you've found a security issue in this package, please do not open a public GitHub issue.
Instead, email david@run-as-root.sh with:
- A description of the issue
- Steps to reproduce, or a minimal proof of concept
- The affected version(s)
- Any suggested remediation, if you have one
You can expect:
- An acknowledgement within 3 business days
- A status update within 7 business days
- Credit in the release notes once a fix ships, if you'd like
This policy covers the runasroot/module-seeder package itself. Vulnerabilities in Magento core, third-party dependencies, or downstream Magento installs should be reported to their respective maintainers.
Only the latest minor release on main receives security fixes. If you're on an older version, upgrade first — there is no backport pipeline.
| Version | Supported |
|---|---|
| latest | yes |
| older | no |