Only the latest version of Codra is currently supported with security updates. If you discover a vulnerability, please ensure you are running the latest version before reporting.

We take the security of Codra seriously. If you believe you have found a security vulnerability, please do not open a public issue. Instead, please report it via one of the following methods:

1. Email: Send a detailed report to me@devarshi.dev.
2. GitHub Private Reporting: Use the "Report a vulnerability" feature on GitHub if available.

• A description of the vulnerability.
• Steps to reproduce the issue.
• Potential impact of the vulnerability.
• Any suggested fixes or mitigations.

We will acknowledge your report within 48 hours and provide a timeline for a fix if the vulnerability is confirmed.

We follow a coordinated disclosure policy. We ask that you do not disclose the vulnerability publicly until we have had a chance to address it and release a fix. In return, we will give you credit for the discovery in our security advisories (unless you prefer to remain anonymous).