Currently, only the latest release is actively supported with security updates.

Please do not report security vulnerabilities through public GitHub issues or discussions.

If you believe you have found a security vulnerability in ModelScript (or any of its packages, components, and tools), please adhere to responsible disclosure principles and report it privately via email to mnachawa@gmail.com.

When reporting a vulnerability, please include:

• A detailed description of the vulnerability and its potential impact.
• Clear steps to reproduce the issue, including environment details (OS, Node.js version, browser, etc.).
• Any suggested remediations or workarounds if you have them.

We take all security reports seriously. You can expect:

1. An acknowledgment of your report within 48 hours.
2. A status update after the issue has been triaged and verified.
3. A timeline for when a patch or mitigation will be available.

Once the vulnerability is resolved and an update is published, we will publicly acknowledge your responsible disclosure (if you desire) in the release notes or a GitHub Security Advisory.