If you discover a security vulnerability, please report it responsibly:
- Do not open a public GitHub issue
- Email the maintainers or use GitHub's private vulnerability reporting
- Include steps to reproduce and potential impact
We will acknowledge receipt within 48 hours and provide a timeline for a fix.
create-lore is a CLI scaffolder that clones a template repo and initializes a new project. Security concerns are primarily:
- Shell command execution during project scaffolding (
git clone,git init) - Template integrity (clones from a pinned version tag on GitHub)
| Version | Supported |
|---|---|
| 0.13.x | Yes |