This security policy applies to IAmParadox27/jellyfin-plugin-file-transformation on GitHub.

Security and bug fixes are generally provided only for the latest version. Fixes will be released as part of the next minor version as quickly as possible after fixes are verified.

Security fixes are given priority and will usually be enough to cause a new version to be released.

We encourage responsible disclosure of security vulnerabilities. If you find something suspicious, we encourage and appreciate your report!

In order for the vulnerability reports to reach maintainers as soon as possible, the preferred way is to use the "Report a vulnerability" button under the "Security" tab of the associated GitHub project. This creates a private communication channel between the reporter and the maintainers.