Currently, only the latest major release of Nova IDE and Nova Web Agent Core is supported with security updates.

We take the security of the Nova Agent Framework and our users very seriously.

If you discover a security vulnerability, please DO NOT report it by creating a public GitHub issue. Instead, please report it via one of the following methods:

1. GitHub Security Advisories: Go to the "Security" tab of this repository and click "Report a vulnerability" to open a private advisory.
2. Direct Contact: If you prefer, you can reach out directly to the maintainers regarding critical security issues.

• You will receive an initial response acknowledging your report within 48 hours.
• If the vulnerability is accepted, we will work with you to patch the issue and publish a security advisory. We will keep you updated on our progress.
• Once resolved, we will publish the fix and (if you opt-in) give you credit for the discovery in the release notes and advisory.

Thank you for helping keep the Nova ecosystem secure!