1 | # Security Policy
|
2 |
|
3 | ## Supported Versions
|
4 | Only the latest major version is supported at any given time.
|
5 |
|
6 | ## Reporting a Vulnerability
|
7 |
|
8 | To report a security vulnerability, please use the
|
9 | [Tidelift security contact](https://tidelift.com/security).
|
10 | Tidelift will coordinate the fix and disclosure.
|
11 |
|
12 | Note that this package is intended for use in build-time
|
13 | transformations. It is only intended to handle trusted code. If a
|
14 | vulnerability requires a fix that would prevent important use cases, we
|
15 | may decide not to address it.
|