Thank you for helping keep the Christmas Fun project and its users safe!
Below is a table indicating which versions are currently supported with security updates:
| Version | Supported? |
|---|---|
| 2.x (current) | ✅ |
| 1.x | ❌ (no longer supported) |
- 2.x: Actively maintained and patched for security issues.
- 1.x: No longer receives security or maintenance updates.
If you discover a security vulnerability, please do not create a public issue. Instead, reach out confidentially to the maintainer(s):
- Email: security@christmas-fun.example
(or any other private contact method you prefer)
Please include as many details as possible, such as:
- Steps to reproduce the vulnerability (if known)
- Potential impact
- Any recommended or suggested fix
- We aim to acknowledge your report within 2 business days.
- We’ll investigate promptly. If the vulnerability is confirmed, we’ll either:
- Provide a planned fix timeline, or
- Issue a hotfix release if it’s critical.
We’ll coordinate with you on a responsible disclosure timeline. Typically, we:
- Verify and fix the issue.
- Release a patched version.
- Publicly disclose (with your credit, if desired) after the fix is available.
Your efforts in responsibly disclosing vulnerabilities help ensure the project and its community remain secure and festive. We appreciate your support!