Currently, these versions of WarvilPHP are supported with security updates:

| Version | Supported |
|---|---|
| 1.0.x | ✅ |
| < 1.0 | ❌ |

If you discover a security vulnerability within WarvilPHP, please send an email to Edward Fernandez at wardvisual@gmail.com. All security vulnerabilities will be promptly addressed.
Please do not disclose security vulnerabilities publicly until they have been handled by the security team.
The security team will acknowledge your email within 48 hours, and will send a more detailed response within 96 hours indicating the next steps in handling your report.
After the initial reply to your report, the security team will endeavor to keep you informed of the progress being made towards a fix and full announcement, and may ask for additional information or guidance surrounding the reported issue.
- Security report received and assigned a primary handler. This person will coordinate the fix and release process.
- Problem is confirmed and a list of all affected versions is determined.
- Code is audited to find any potential similar problems.
- Fixes are prepared for all releases which are still supported. These fixes are not committed to the public repository but rather held locally pending the announcement.
- A new version is released for all supported versions.
- After the release, the security vulnerability is publicly disclosed.

When the security team receives a security vulnerability report, they will assign it to a primary handler. This person will coordinate the fix and release process, involving the following steps:
- Confirm the problem and determine the affected versions.
- Audit code to find any potential similar problems.
- Prepare fixes for all affected versions still receiving security fixes. These fixes will be applied to the next release.
- Once all fixes have been implemented, a new security release will be made public.

If you have suggestions on how this process could be improved, please submit a pull request.