Currently, only the master branch is actively supported with security updates.

If you discover a security vulnerability within YADRLite (e.g., exposed secrets in standard configurations, insecure file permissions generated by scripts, malicious dependencies in global.Brewfile), please DO NOT open a public issue.

Instead, please send an email to the repository owner or open a private vulnerability report via GitHub Security Advisories.

We will acknowledge receipt of your vulnerability report within 72 hours, and we will strive to send you regular updates about our progress. Once the issue is resolved, we will publish a security advisory and credit you for the discovery.