# Security Policy
## Supported versions
The latest released `0.x` version on [crates.io](https://crates.io/crates/timeweb-rs)
receives security fixes. While the crate is pre-`1.0`, older versions are not
patched — upgrade to the latest release.
## Reporting a vulnerability
Please report security issues privately through GitHub's
[private vulnerability reporting](https://github.com/RAprogramm/timeweb-rs/security/advisories/new)
rather than opening a public issue.
Include affected versions, a description of the impact, and reproduction steps
where possible. You will receive an acknowledgement within a few days, and a
fix or mitigation plan once the report is triaged.
## Scope
This SDK is a generated HTTP client. Reports about the Timeweb Cloud API itself
should go to Timeweb Cloud support; this policy covers only the `timeweb-rs`
crate (credential handling, dependency advisories, generated-code issues).