Projects without releases (on the github/git page) do not receive security updates and are typically internal ressources. Please contact us if you think this is an error for a certain repo.
Projects with a lower than 0 (semantic) do not formally receive security updates. Projects with a release higher than 0 (semantic) receive security updates for the current major release and the main branch if not statet otherwise.
We appreciate vulnerabilty reports and are receiving them on [email protected] / [email protected]. If you wish to use PGP please use the key listed on mjmair.com / keybase.