Pacsea provides security updates for the current minor release line.
| Version | Supported |
|---|---|
| 0.7.0 | ✅ |
| < 0.7.0 | ❌ |
If you believe you’ve found a security issue in Pacsea, please report it responsibly.
- Preferred: Email firstpick1992@proton.me with the subject "[Pacsea Security]".
- Alternative: If email isn’t possible, open a GitHub issue with minimal details and include the word "Security" in the title. We’ll triage and, if appropriate, coordinate privately.
Please include, when possible:
- Pacsea version (e.g., 0.4.x) and install method (pacsea-bin, pacsea-git, source)
- Arch Linux version and environment details (Wayland/X11, terminal, AUR helper)
- Reproduction steps and expected vs. actual behavior
- Impact assessment and a proof-of-concept if available
- Any relevant logs or screenshots
What to expect:
- Acknowledgement within 3 business days
- Status updates at least weekly until resolution
- Coordinated disclosure: we’ll work with you on timing and credit (or anonymity if you prefer)
Out of scope:
- Issues in third-party AUR helpers (e.g., paru, yay) or Arch mirrors
- Non-security bugs (please use regular GitHub issues)
Thank you for helping keep Pacsea and its users safe.