# Security Policy

Hello and thank you for your interest in the `urfave/cli` security
policy! :tada: :lock:

## Supported Versions

| Version      | Supported                             |
| ------------ | ------------------------------------- |
| `>= v2.3.x`  | :white_check_mark:                    |
| `< v2.3`     | :x:                                   |
| `>= v1.22.x` | :white_check_mark: :lady_beetle: [^1] |
| `< v1.22`    | :x:                                   |

## Reporting a Vulnerability

Please disclose any vulnerabilities by sending an email to:

[urfave-security@googlegroups.com](mailto:urfave-security@googlegroups.com)

You should expect a response within 48 hours and further
communications to be decided via email. The `urfave/cli` maintainer
team comprises volunteers who contribute when possible, so please
have patience :bow:

[^1]: The `v1.22.x` series will receive bug fixes and security
  patches only.