Security fixes are applied to the latest release on main.
Please do not report security vulnerabilities in public issues.
Use GitHub's private vulnerability reporting flow for FixMap:
https://github.com/aryamthecodebreaker/FixMap/security/advisories/new
Include a clear description, reproduction steps, affected files or workflows, and the potential impact. We will acknowledge a valid report, investigate it privately, and coordinate a fix before disclosure when appropriate.
FixMap is local-first. The CLI and Action should not send repository source code to third-party services by default. Changes that affect tokens, GitHub permissions, generated Action code, or network behavior receive extra review.