| Version | Supported |
|---|---|
| 0.4.x | ✅ |
| 0.3.x | ✅ |
| 0.2.x | ✅ |
| 0.1.x | ✅ |
We take security seriously. If you discover a security vulnerability, please report it responsibly.
GitHub Security Advisories
- Go to the repository's Security tab
- Click Report a vulnerability
- Follow the guided process
| Phase | Timeline |
|---|---|
| Acknowledgment | Within 48 hours |
| Initial assessment | Within 7 days |
| Patch release | Within 30 days (critical), 90 days (standard) |
| Public disclosure | After patch release |
When using this crate:
- Keep dependencies updated - Run
cargo auditregularly - Enable all security features in production
- Validate all inputs before processing
- Use TLS for all network communications
- Review the code if using in security-critical contexts
- WASM target uses
getrandomwith JavaScript fallback - Database connections should use TLS in production
- Hypervector operations are deterministic (no cryptographic guarantees)
We thank all security researchers who responsibly disclose vulnerabilities.