We provide security updates for the following versions of auth-flow-flow:
| Version | Supported |
|---|---|
| 5.x | ✅ |
| 4.x | ✅ |
| < 4.0 | ❌ |
Only the latest minor release of each supported major version receives security updates.
We strongly recommend upgrading to the latest version.
If you discover a security vulnerability, please do not open a public issue.
Instead, report it privately via:
- Email: contact@kennethnnabuife.com
- Or GitHub Security Advisories (Security → Report a vulnerability)
Please include:
- Description of the issue
- Steps to reproduce
- A minimal reproduction (if possible)
- Affected version(s)
- Potential impact (if known)
- Acknowledgment within 48 hours
- Initial assessment within 5 business days
- Regular updates until resolved (for valid reports)
If confirmed:
- A fix will be released as soon as possible
- A security advisory will be published
- You will be credited (unless you prefer to remain anonymous)
If declined:
- We will provide a brief explanation
Please allow us time to investigate and fix the issue before public disclosure.
Do not exploit vulnerabilities beyond what is necessary to demonstrate them.
Thank you for helping keep auth-flow-kit secure.