tinyflows is pre-1.0 software under active development. Security fixes are
provided on a best-effort basis for the latest published release and the current
main branch. There are no long-term support or backport guarantees for older
releases while the crate is pre-1.0.
| Version | Supported |
|---|---|
latest (main) |
✅ |
| latest published | ✅ |
| older pre-1.0 | ❌ |
Please report security vulnerabilities privately — do not open a public issue, pull request, or discussion for security-sensitive reports.
Preferred: use GitHub's private vulnerability reporting on the
tinyhumansai/tinyflows repository
("Security" tab → "Report a vulnerability"). If that is unavailable, contact the
maintainers privately through the repository instead.
Please include enough detail to reproduce the issue: affected version, a description of the vulnerability, and — where possible — steps to reproduce or a proof of concept.
We aim to acknowledge new reports on a best-effort basis, typically within a few days, and will keep you informed as we investigate and prepare a fix. We ask that you give us a reasonable opportunity to address the issue before any public disclosure.