Sanson is in early development. Only the latest commit on main and the most recent tagged release receive security fixes. Older releases are not maintained.
| Version | Supported |
|---|---|
Latest main |
✅ |
| Latest release | ✅ |
| Older releases | ❌ |
Please do not open a public GitHub issue for security problems.
Use one of the following private channels instead:
- Preferred — open a private security advisory on GitHub. This keeps the discussion private until a fix is published.
- Or send an email to sebastien.prunier@gmail.com with
[security]in the subject.
Include:
- A description of the issue and its impact
- Steps to reproduce, or a proof of concept
- The Sanson version (commit SHA or release tag) and your environment
- Acknowledgement within 3 business days
- An initial assessment and rough timeline within 7 days
- A coordinated disclosure once a fix is ready, with credit if you wish
Thanks for helping keep Sanson and its users safe.