We actively monitor and fix bugs/vulnerabilities in the main branch of Velvet Noir. Due to the rolling-release nature of Arch Linux and Hyprland, we only officially support the latest stable version of the dotfiles.
| Version | Supported |
|---|---|
| Main | ✅ |
| < Main | ❌ |
We take the security and integrity of our configuration scripts and installers very seriously. If you discover any security vulnerability (e.g. dangerous command injections in script arguments, insecure tempfile generation, or privilege escalation issues in install.sh), please do NOT open a public issue.
Instead, please report it privately:
- Send an email to the maintainer at programmersd21@gmail.com (or contact the maintainer directly via GitHub profile details).
- Include a clear description of the vulnerability, steps to reproduce, and any potential exploits or proof of concept code.
We will acknowledge receipt of your vulnerability report within 48 hours and work with you to patch the issue and publish a fix as quickly as possible. Thank you for helping keep the open-source community secure!