# Security Policy

## Supported Versions

Shuffle is now live in version 1.0.0, but we aim to support older version with critical severity security issues, but do advise you to stay up to date with Major versions. 

| Version | Supported          |
| ------- | ------------------ |
| >=0.9.0   | :white_check_mark: |
| < 0.9.0   | :x:                |

## Reporting a Vulnerability

Reporting a vulnerability can either be done to [support@shuffler.io](mailto:support@shuffler.io) or [through the contact page on our website](https://shuffler.io/contact)

Security.txt: https://shuffler.io/.well-known/security.txt

When a >medium severity vulnerability is discovered, expect it to be fixed ASAP - please nag us until it is otherwise. Security is a top priority, and we expect and hope you hold us accountable.
In the case it makes sense, we'll further create a security advisory, and publish a new CVE for your new glorious finding.