If you believe you have found a security vulnerability in Spindle, we encourage you to let us know right away. We will investigate all reports and do our best to quickly fix the problem.

To report a vulnerability, please follow these steps:

1. Email us: Send an email to contact@arachne.digital with the subject line "Security Vulnerability Report".
2. Provide details: Include as much information as possible about the vulnerability. This should include:
   • A detailed description of the vulnerability.
   • Steps to reproduce the vulnerability.
   • Potential impact and severity of the vulnerability.
   • Any possible mitigations or workarounds.
3. Please do not disclose publicly: Please do not disclose the vulnerability publicly until we have had a chance to address it. We will work with you to ensure we understand the issue and provide a fix.

Once a vulnerability is reported, we follow these steps:

1. Acknowledgment: We will acknowledge receipt of your report.
2. Investigation: Our team will investigate the report and determine the severity and impact of the vulnerability.
3. Resolution: We will work to fix the vulnerability as quickly as possible. You will be notified when the issue is resolved, and we may ask you to verify the fix.
4. Disclosure: After the vulnerability is fixed, we will publicly disclose the details of the vulnerability and the fix. We will give credit to the reporter unless they wish to remain anonymous.

We currently support and maintain the following versions of Spindle:

Actually, there is only one version of Spindle currently and it is supported! This will be filled out as more versions are released.

Security updates will be released as necessary, and users will be notified via our release notes and security advisories.

Thank you for helping us keep Spindle secure!