superlighttui 0.12.12

Super Light TUI - A lightweight, ergonomic terminal UI library
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

# Security Policy

## Supported Versions

| Version | Supported |
|---------|-----------|
| 0.12.x  | Yes       |
| < 0.12  | No        |

Only the latest minor release receives security fixes.

## Reporting a Vulnerability

**Do not open a public GitHub issue for security vulnerabilities.**

Instead, use one of these methods:

1. **GitHub Security Advisory** (preferred): [Report a vulnerability](https://github.com/subinium/SuperLightTUI/security/advisories/new)
2. **Email**: Contact the maintainer directly (see GitHub profile)

### What to Include

- Description of the vulnerability
- Steps to reproduce
- Affected versions
- Impact assessment (if known)

### Response Timeline

- **Acknowledgment**: Within 48 hours
- **Initial assessment**: Within 7 days
- **Fix release**: Depends on severity (critical: ASAP, others: next patch)

### Scope

SLT is a terminal UI rendering library. Security concerns typically involve:

- Terminal escape sequence injection
- Denial of service through malformed input
- Unsafe memory access (SLT uses `#![forbid(unsafe_code)]`)
- Dependency vulnerabilities (monitored by `cargo-audit` in CI)

### After a Fix

- A patch version is released with the fix
- The vulnerability is disclosed in CHANGELOG.md after the fix is available
- Credit is given to the reporter (unless they prefer anonymity)