# Security Policy ## Reporting a Vulnerability Please report suspected security vulnerabilities **privately** by emailing **security@gebler.dev** with the subject line "DocLite security report". You can expect: - An acknowledgement within 72 hours. - A disclosure plan or fix within 30 days for confirmed issues. Please do not open public GitHub issues for vulnerabilities. ## Supported Versions | Version | Status | |---------|---------------------------------------| | 2.x | Active support (features + security) | | 1.x | Security fixes only until 2027-05-01 | | < 1.0 | Unsupported |