SECURITY.md
# Security Policy
## Supported Versions
At any given time we support the _latest_ version of dependency-cruiser (as
reflected in the _main_ branch) with security updates.
## Reporting a Vulnerability
If you think you have found a vulnerability, please report responsibly. Don't
create GitHub issues for security issues. Instead, please send an email to
sander_verweij@yahoo.com and/ or a direct message (DM) to
[@mcmeadow@mstdn.social](https://mstdn.social/@mcmeadow) on Mastodon (or
[@mcmeadow](https://twitter.com/mcmeadow) on twitter while it lasts) and we'll
look into it as soon as we can.
We appreciate any responsible disclosure of vulnerabilities that might impact
the integrity of our platforms and users. While we do not offer any bounties
or swags at the moment, we'll (if you wish so) mention you in the release notes.
Ensure that you are using the latest, stable and updated version of operating
system, and the latest of the supported node versions.