1  # Security Policy
 2  
 3  ## Supported Versions
 4  
 5  At the moment Oh My Zsh only considers the very latest commit to be supported.
 6  We combine that with our fast response to incidents and the automated updates
 7  to minimize the time between vulnerability publication and patch release.
 8  
 9  | Version        | Supported          |
10  |:-------------- |:------------------ |
11  | master         | :white_check_mark: |
12  | other commits  | :x:                |
13  
14  In the near future we will introduce versioning, so expect this section to change.
15  
16  ## Reporting a Vulnerability
17  
18  **Do not submit an issue or pull request**: this might reveal the vulnerability.
19  
20  Instead, you should use the form to [privately report a vulnerability to us via GitHub](https://github.com/ohmyzsh/ohmyzsh/security/advisories/new)
21  or email the maintainers directly at: [**security@ohmyz.sh**](mailto:security@ohmyz.sh).
22  
23  We will deal with the vulnerability privately and submit a patch as soon as possible.