This document details which versions of Annotated Container are being supported by security fixes and how you can report a security vulnerability.

As of 2024-06-04 the only supported series is the 2.x release. All versions in this release series will receive security fixes. Using versions prior to this is not advised and efforts should be made to update the library.

It is planned for the 2.x series to continue receiving security fixes when the 3.x release goes live.

Unlike other bugs or issues I recommend not creating a public Issue for security vulnerabilities. Instead, please reach out to me at [email protected] with details of your discovery. It would be beneficial if you created a private GitHub repository with relevant code and tests describing the flaw.