SECURITY.md (1087B)
1 # Security Policy 2 3 ## Supported Versions 4 5 Only the latest release on the `v1.14.x` line receives security fixes. 6 7 | Version | Supported | 8 | -------- | ------------------ | 9 | 1.14.x | :white_check_mark: | 10 | < 1.14 | :x: | 11 12 ## Scope 13 14 `go-sqlite3` is a CGo binding that bundles the SQLite amalgamation 15 (`sqlite3-binding.c` / `sqlite3-binding.h`). Please report issues to the 16 appropriate project: 17 18 - Bugs in the Go binding layer, CGo glue, build tags, or this repository's 19 own code: report here. 20 - Vulnerabilities in SQLite itself: please report them upstream to the 21 SQLite developers at <https://www.sqlite.org/>. Once a fix is released 22 upstream, this repository will update the bundled amalgamation. 23 24 ## Reporting a Vulnerability 25 26 Please **do not** open a public GitHub issue for security problems. 27 28 Use GitHub's private vulnerability reporting: 29 <https://github.com/mattn/go-sqlite3/security/advisories/new> 30 31 This project is maintained on a best-effort basis by volunteers, so please 32 allow reasonable time for investigation and a fix before any public 33 d