If you discover a security vulnerability in Cereb, please report it responsibly.
Do not open a public issue for security vulnerabilities.
Instead, please send an email or contact the maintainer directly through GitHub. Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
- Acknowledgment: Within 48 hours
- Initial assessment: Within 1 week
- Fix timeline: Depends on severity, typically within 30 days
Security updates are provided for the latest minor version only.
| Version | Supported |
|---|---|
| 0.x.x | ✅ |
This policy applies to:
cereb(core package)@cereb/pan@cereb/pinch
Thank you for helping keep Cereb secure.