Supported releases are the latest v1.x release and the current main branch.
Do not open a public issue for a vulnerability. Use GitHub's private vulnerability reporting for JunggiKim/cpd-diff. Include affected version, reproduction steps, impact, and any suggested mitigation. You should receive an initial response within seven days.
Engine downloads are restricted by origin and SHA-256 digest. A digest change requires an explicit source change and review. Never bypass verification or use pull_request_target for untrusted code.