Stult is currently pre-1.0. Security fixes are generally made for the latest development version only, unless otherwise stated.

Please do not report security vulnerabilities through public GitHub issues.

Use GitHub’s private vulnerability reporting feature for this repository. Include the affected version or commit, a clear description of the issue, and a minimal reproduction if possible.

The maintainer will review the report privately and decide whether a fix should be prepared before public disclosure.

General bugs that do not have a security impact may be reported through normal GitHub issues.