# Security Policy
## Supported Versions
Only the latest version of Agate is supported at any time.
## Reporting a Vulnerability
Please report issues that you deem to be a security issue by email to johann at qwertqwefsday.eu.
You may use OpenPGP encryption with the public key available at either
- <https://github.com/Johann150/Johann150/blob/main/johann-qwertqwefsday-eu.asc>
- through web key discovery, e.g. `gpg --locate-keys ...`
- or the above manually at <https://qwertqwefsday.eu/.well-known/openpgpkey/hu/spd3xecxhotzgyu1p3eqdqdp31ba6rif>
All these public keys should be identical. If you wish for an encrypted response, include instructions on how to obtain your public key in the email.
Please allow at least 24 hours for a response.
If your issue is easy to fix, you might not get a response until the issue is fixed.
Otherwise, the receipt of your report should be acknowledged.
If you did not receive a reply within the above time frame, please email another maintainer listed in the `Cargo.toml` file, citing that you did not yet receive a reply.
Only limited support may be available.
## Compensation
There is no bug bounty or other rewards program.
At your option, you may be mentioned by your name or pseudonym in the changelog.