Thank you for helping keep Supabase-php/Supabase-client secure!
If you discover a security vulnerability within this project, we strongly encourage you to report it responsibly.
Please do not open a public issue. Instead, contact us privately at:
- Email: [email protected]
We aim to respond within 48 hours and will work with you to verify and address the vulnerability promptly.
- We will acknowledge receipt of your report within 1–2 business days.
- We will confirm the validity of the issue and plan a timeline for the fix.
- A fix will be released and a public disclosure will be made only after the patch is available.
| Version | Supported |
|---|---|
1.1.2 (latest) |
✅ Supported |
< 1.0.0 (legacy) |
❌ Not maintained |
This policy applies to the core Supabase-php/Supabase-client repository only. Issues related to external dependencies should be reported to their respective maintainers.
Please submit vulnerability reports in English if possible.
We appreciate responsible disclosures and your effort to make the open-source ecosystem safer.