Security fixes are applied to the latest main branch.
Please do not report vulnerabilities in public issues.
Instead:
- Email the maintainer:
mike.holownych+chromatui-security@proton.me - Include reproduction details, impact assessment, and affected paths.
- If available, include a minimal proof-of-concept.
You should receive an acknowledgement within 3 business days.
- We will validate and triage the report.
- We will coordinate a fix and release window.
- We will credit reporters unless anonymity is requested.