## Security Policy ### Supported Versions We aim to support the latest released version of `ollama4j` and the most recent minor version prior to it. Older versions may receive fixes on a best-effort basis. ### Reporting a Vulnerability Please do not open public GitHub issues for security vulnerabilities. Instead, email the maintainer at: ``` koujalgi.amith@gmail.com ``` Include as much detail as possible: - A clear description of the issue and impact - Steps to reproduce or proof-of-concept - Affected version(s) and environment - Any suggested mitigations or patches You should receive an acknowledgement within 72 hours. We will work with you to validate the issue, determine severity, and prepare a fix. ### Disclosure We follow a responsible disclosure process: 1. Receive and validate report privately. 2. Develop and test a fix. 3. Coordinate a release that includes the fix. 4. Publicly credit the reporter (if desired) in release notes. ### GPG Signatures Releases may be signed as part of our CI pipeline. If verification fails or you have concerns about release integrity, please contact us via the email above.