| Version | Supported |
|---|---|
| Latest | ✅ Yes |
| Older | ❌ No |
We recommend always using the latest published version of TypeSharp.
Please do not report security vulnerabilities via public GitHub issues.
If you discover a security vulnerability, report it responsibly by opening a GitHub Security Advisory in the repository.
Include:
- A description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
We will acknowledge your report within 72 hours and aim to resolve confirmed vulnerabilities promptly.
This policy applies to:
typesharp-cli/typesharp— the core CLI tooltypesharp-cli/TypeSharp.Attributes— the attributes NuGet package
TypeSharp is a code generation tool and does not handle authentication, user data, or network requests at runtime. The primary security concern is around safe parsing of C# source files and safe file output.