Security Policy
Supported Versions
| Version | Supported | EOL | Post-EOL / Enterprise | 
|---|---|---|---|
| 2.latest | ✅ | 04/2026 | Tidelift Subscription | 
| 1.latest | ✅ | 10/2025 | Tidelift Subscription | 
| <= 1 | ⛔ | ⛔ | ⛔ | 
EOL Policy
Non-commercial support for the oldest version of Ruby (which itself is going EOL) will be dropped each year in April.
Reporting a Vulnerability
To report a security vulnerability, please use the Tidelift security contact.
Tidelift will coordinate the fix and disclosure.
OAuth2 for Enterprise
Available as part of the Tidelift Subscription.
The maintainers of oauth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. Learn more.