We currently support the following versions of Scriptura with security updates:

If you discover a security vulnerability in Scriptura, please follow the steps below to report it:

1. Contact Us

   • Report security vulnerabilities privately by emailing [email protected].
   • Do not disclose security vulnerabilities in public issues or pull requests.

2. Information to Include
   When reporting a vulnerability, please provide:

   • A clear and detailed description of the vulnerability.
   • Steps to reproduce the issue, including relevant code snippets or system details.

3. Response Time

   • We will acknowledge your report within 48 hours.
   • After reviewing the report, we will update you on the status and planned actions.
   • Critical vulnerabilities will be addressed as a priority, and a fix will be released as soon as possible.

4. Disclosure Process

   • Once a vulnerability is confirmed and fixed, we will publicly disclose it after it is patched in a stable release.
   • Credit will be given to the reporter unless anonymity is requested.

Your assistance helps us keep Scriptura secure and reliable for all users. Thank you for your responsible disclosure.