| Version | Supported |
|---|---|
| Latest | Yes |
| Older | No |
Please do not open public issues for security vulnerabilities.
Report via GitHub's built-in private reporting:
https://github.com/AnyiWang/OpenCovibe/security/advisories/new
If the GitHub channel is unavailable, email [email protected].
This policy covers the OpenCovibe desktop application itself (Tauri, Rust backend, Svelte frontend). Vulnerabilities in upstream CLIs (Claude Code, Codex) should be reported to their respective maintainers.
- Acknowledgment: within 72 hours of report
- Fix: a patch release will be issued as soon as a fix is ready
Vulnerabilities will be publicly disclosed after a fix has been released.