| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.0 | ❌ |
If you discover a security vulnerability in the Yes framework, please report it responsibly. Do not open a public GitHub issue.
Instead, please email nico.ritsche@yousty.ch with:
- A description of the vulnerability
- Steps to reproduce the issue
- Any potential impact you have identified
You can expect:
- An acknowledgment within 48 hours
- A follow-up assessment within 1 week
- A fix or mitigation plan communicated to you before public disclosure
We appreciate your help in keeping the Yes framework and its users safe.