The pedantic project follows a continuous deployment model. The master branch is automatically deployed, and security fixes are released only in the latest version.
As a result, only the most recent release is supported with security updates. Older releases are not maintained and will not receive security patches.
| Version | Supported |
|---|---|
| Latest release | ✅ |
| All previous releases | ❌ |
Users are strongly encouraged to upgrade to the latest available version.
If you discover a security vulnerability in pedantic, please report it privately rather than opening a public issue.
You can report vulnerabilities by contacting the maintainer through GitHub:
- Open a private GitHub Security Advisory, if available.
- Alternatively, contact the maintainer directly via GitHub.
Please include:
- A description of the vulnerability.
- Steps to reproduce the issue.
- The affected version(s).
- Any proof-of-concept code or examples, if applicable.
- Your assessment of the potential impact.
After receiving a report, I will make a best effort to:
- Acknowledge receipt of the report within 7 days.
- Investigate and validate the issue.
- Develop and release a fix if the report is confirmed.
- Coordinate disclosure where appropriate.
Please note that response times may vary, as pedantic is maintained as an open-source project in my spare time.
Thank you for helping keep pedantic and its users secure.