We currently support the following versions of witr with security updates:
| OS | Supported |
|---|---|
| macOS | ✅ |
| Linux | ✅ |
| Windows | ❌ |
See our Feature Compatibility Matrix for more details.
We take the security of witr seriously. If you believe you have found a security vulnerability, please report it to us responsibly.
How to report:
Use the "Report a vulnerability" button in the repository’s Security tab on GitHub to submit your report privately. Only maintainers and the reporter will see the submission.
What to include in your report:
- A description of the vulnerability.
- Steps to reproduce the issue (including any sample code or configuration).
- Potential impact of the vulnerability.
- Any suggested mitigations or fixes.
- Acknowledgment: We will acknowledge receipt of your report within 48 hours.
- Investigation: We will investigate the report and determine the severity and impact.
- Fix: If a vulnerability is confirmed, we will work on a fix and release a new version as soon as possible.
- Disclosure: We will coordinate the disclosure of the vulnerability with you to ensure that users have time to update.
This security policy is based on standard open-source practices.