If you find a security issue in is-a.software, do not open a public GitHub issue. Report it privately:

• Email: priyansh@is-a.software
• Discord: Join our server and DM a maintainer

• A description of the vulnerability
• Steps to reproduce it
• The potential impact
• Any suggested fix (optional)

1. We'll acknowledge your report within 48 hours
2. We'll work on a fix and keep you updated
3. Once the fix is deployed, we'll disclose the issue publicly with credit to you (unless you prefer to remain anonymous)

Only the latest release on the main branch receives security patches. Always run the most recent version.