# Security Policy

## Supported Versions

| Version | Supported          |
| ------- | ------------------ |
| 0.x     | :white_check_mark: |

## Reporting a Vulnerability

_Please do not report security vulnerabilities through public GitHub issues._

Instead, report a vulnerability through GitHub's security advisory feature at
https://github.com/carbon-design-system/carbon-components-svelte/security/advisories/new

Please include a description of the issue, the steps you took to create the
issue, affected versions, and, if known, mitigations for the issue. Our team
aims to respond to all new vulnerability reports within 7 business days.

Additional information on reporting vulnerabilities to IBM is available at
https://www.ibm.com/trust/security-psirt

## Preferred languages

We prefer all communications to be in English.

## Comments on this policy

If you have suggestions on how this process could be improved please
[submit a pull request](https://github.com/carbon-design-system/carbon-components-svelte/compare)
or [file an issue](https://github.com/carbon-design-system/carbon-components-svelte/issues/new) to
discuss.