Currently, only the latest release of Duct is actively supported with security updates. Please ensure you are running the latest version from npm or the main branch.

We take the security of Duct and its users very seriously. If you discover a vulnerability, do not open a public issue.

Instead, please report it privately via GitHub Security Advisories:

1. Go to the Security tab of the repository.
2. Click Report a vulnerability and provide detailed steps to reproduce the issue.

Alternatively, you can email the maintainers directly at security@docfide.com.

We will respond within 48 hours to acknowledge the report and outline the next steps for a fix. Thank you for helping keep the open source community secure!