Project follows the Abseil Live at Head philosophy. We recommend updating to the latest commit in the main branch as often as possible. We do publish occasional semantic versions, tagged with v${major}.${minor}.${patch} (e.g. v1.16.0).

We release patches for security vulnerabilities. The following are currently supported:

If you discover a security vulnerability within this repository, please reach out to us privately to ensure we can address the issue before it is publicly known.

1. Do not open an issue to report the vulnerability. This ensures that the security issue is not publicly visible.
2. Contact the maintainers via email with the details of the vulnerability.
3. Provide as much information as possible about the vulnerability to help us understand the issue and address it effectively.

We will coordinate with you to understand the issue, determine the severity, and plan a resolution. We aim to respond to vulnerability reports within 48 hours.

We will update users about security vulnerabilities and patches through:

• Release notes
• Notifications in the repository
• Email alerts (if you are subscribed)

We believe in responsible disclosure and will reward those who disclose security vulnerabilities responsibly.

Thank you for helping to keep our project secure!