Security fixes are provided for the latest main branch state and the most recent tagged release.

Please report vulnerabilities privately by email:

• Contact: x@xscriptor.com
• Subject: GitNapse Security Report

When possible, include:

1. A clear description of the issue.
2. Steps to reproduce.
3. Impact assessment.
4. Suggested remediation (optional).

1. Initial acknowledgment target: within 72 hours.
2. Triage and severity classification.
3. Fix development and validation.
4. Coordinated disclosure after patch availability.

Please do not publish proof-of-concept details before a fix is available.