We support the latest major release, which is at the moment 2.0-M4. In case of direct or transitive vulnerability in that code, we'll release a new version as soon as possible. Please follow us on Twitter for release announcements, and keep your alf.io updated!
| Version | Supported |
|---|---|
| 2.0-M4 | ✅ |
| 2.0-M3 | ❌ |
| 2.0-M2 | ❌ |
| 2.0-M1 | ❌ |
We consider the "main" branch to be always a "Work in Progress", and as such it might contain vulnerabilities. Before each release we'll run an additional scan on SonarCloud and fix all the security-releated findings. That branch should not be deployed in production. If you do that, you're on your own.
Please report vulnerabilities through GitHub Security Advisories.
If you have any questions you can reach out to security @ alf.io (remove spaces). We'll reply as soon as possible.
Thank you for sharing responsibly!