The project uses semver-like versioning following the configuration/output of the Ansible playbooks being the "API", features being feature updates to the playbooks/scripts, & patches being any bugs.
If you see some security please report to issue page.