Only the latest v1.x release receives security fixes.
| Version | Supported |
|---|---|
| 1.x | ✓ |
| < 1.0 | ✗ |
Please do not open a public issue for security problems.
Report vulnerabilities privately through GitHub Security Advisories:
https://github.com/adrianbrad/queue/security/advisories/new
Include:
- A description of the issue and its impact.
- Steps to reproduce or a proof-of-concept.
- Affected version(s).
- Any known mitigation or workaround.
- Acknowledgement: within 7 days of the initial report.
- Triage and disposition (accepted, declined, or needs more info): within 14 days.
- Fix or coordinated disclosure plan: within 30 days for confirmed issues.
Once a fix is released, the advisory is published on GitHub. Reporters are credited unless they request anonymity.