Security fixes are applied to the latest published version of NoPilot.
Please avoid posting sensitive vulnerability details in a public GitHub issue.
- If GitHub private vulnerability reporting is available for this repository, use it.
- Otherwise, open a GitHub issue with minimal detail and clearly state that you need a private follow-up channel.
Please include:
- the affected NoPilot version
- your VS Code version and OS
- the configured provider involved, if relevant
- clear reproduction steps
- impact assessment and any proof-of-concept details that help validate the issue
We will triage reports as quickly as possible and coordinate on remediation before public disclosure when appropriate.