Only actively maintained branches receive security updates. Older tags may be patched on a best-effort basis if the fix is low risk—otherwise please upgrade to the latest main.

1. Create a private advisory using GitHub's security portal: https://github.com/devswiftzone/swift.nvim/security/advisories/new.
2. Provide as much detail as possible—Neovim version, operating system, minimal reproduction steps, and potential impact.
3. Expect an initial acknowledgement within 3 business days. We will keep you informed about the remediation timeline and may request additional information if needed.

If you are unable to use GitHub's advisory workflow, contact the maintainers through the GitHub support form and reference this repository.

Once a fix is available, we plan to:

• Coordinate a release that includes the patch.
• Credit the reporter if they wish to be acknowledged.
• Disclose the details publicly after users have had a reasonable opportunity to update.

Thank you for helping keep swift.nvim and its users safe.