# Security Policy

## Supported Versions

Updates are provided according to table below.

| Version | Security Updates   |  Feature Updates   |  Bug Fixes         |
| ------- | ------------------ | ------------------ | ------------------ |
| 5.x     | :white_check_mark: | :white_check_mark: | :white_check_mark: |
| 4.1.x   | :white_check_mark: | :x:                | :x:                |
| 4.0.x   | :white_check_mark: | :x:                | :x:                |
| 3.6.x   | :x:                | :x:                | :x:                |
| 3.5.x   | :x:                | :x:                | :x:                |
| 3.4.x   | :x:                | :x:                | :x:                |
| < 3.4   | :x:                | :x:                | :x:                |

## Reporting a Vulnerability

If you discover any security related issues, please email hello@tabacitu.ro instead of using the issue tracker.

## Past Vulnerabilities

Please note that even though Backpack has only had minor reported security issues, its dependencies _have_ had security flaws discovered and fixed - even major ones like Laravel, Bootstrap and jQuery. That's why it's a good idea for any project to be reasonably up-to-date. If we consider a security issue is something that affects our users, we'll email you.  Please **[subscribe to the Backpack Newsletter](http://backpackforlaravel.com/newsletter)** so you can find out about any security updates, breaking changes or major features. We only send an email 1-2 emails per year. Sometimes less.

**Past security issues:**
- 2021 
    - March - [Security Issue If You Use SQL Server (May Affect <0.02% Backpack Projects)](https://backpackforlaravel.com/articles/news/possible-security-issue-especially-important-if-you-use-sql-server)
- 2020 - none
- 2019 - none
- 2018 - none
- 2017 - none
- 2016 - none