Lychee uses a rolling release system, we do not backport fixes to previously released versions. Those are the versions where we accept vulnerability reports.
| Version | Supported |
|---|---|
| master | ✔️ |
| latest release | ✅ |
| < latest release | ❌ |
| < 6.0 | ❌ |
As described in our contribution guide, if you discover a security vulnerability within Lychee, please contact us directly on gitter. All security vulnerabilities will be promptly addressed.