This repository is supported on the default branch only.
| Version | Supported |
|---|---|
main |
Yes |
| Older branches and tags | No |
Do not open a public issue for security problems.
Use GitHub's private vulnerability reporting flow from the repository Security tab when it is available. If that option is not visible, contact the maintainer privately through the contact methods listed on Dan Knauss's profile or dan.knauss.ca.
Include:
- Affected action gate, capability check, or workflow
- Reproduction steps or a proof of concept
- Impact assessment
- Suggested mitigation if you have one
- Initial triage response: within 5 business days
- Status update after validation: within 10 business days
- Public disclosure: only after a fix or mitigation is available
Reports may cover privileged action gating, challenge flows, integration points, or build and release automation.