As the Pulsar project follows a rolling release cycle, the supported version will always be the latest version. Using the GitHub UI, or the built-in pulsar-updater package can let you check if you currently are on the latest, supported, version.

There are two primary methods of reporting a vulnerability about the Pulsar Text Editor:

1. Discord: Reporting a vulnerability via Discord is encouraged as it's something the entire team checks regularly. Once on Discord feel free to ping @team or @Admins to find someone online. Once you've found them ensure to get permission to privately message them, then in a private DM to whoever you have permission from you can include the details of your report.
2. Email: If you don't have access to Discord, you may also send an email to [email protected] with the details of your report. Please keep in mind that we collectively check this email less often, and it may take longer to get a response.

As much as we would like to, sometimes messages slip through the cracks or, because the entire Pulsar team is made of volunteers with outside lives and jobs, we may not be available at the time of your report, and things get missed.

If this happens when you are attempting to report a vulnerability, feel free to create an issue in GitHub, ping us on Discord, send another email, or use any of our various social channels to let us know that a security vulnerability has been reported via one of the two above methods.

In the event you are sending a reminder, GitHub is the recommended way to do so, to ensure it gets seen by as many maintainers as possible.

To anyone reporting a security vulnerability, we greatly appreciate your dedication to improving the security of Pulsar for the entire community. Thank you.