Security: ebi-webcomponents/protvista

SECURITY.md

Security Policy

Reporting a Vulnerability

Please do not report security vulnerabilities via public GitHub issues, pull requests, or discussions.

Instead, use GitHub Private Vulnerability Reporting for this repository:

  • Go to the repository Security tab → Report a vulnerability

This allows us to receive reports privately and coordinate a fix before public disclosure.

Scope

This policy applies to the ProtVista-UniProt software and related packages published from this repository.

What to Include

To help us investigate quickly, please include:

  • A clear description of the issue and potential impact
  • Steps to reproduce (proof-of-concept if available)
  • Affected versions/commits (if known)
  • Any suggested mitigation or fix (optional)

Handling

We will assess reports on a best-effort basis and coordinate disclosure once a fix or mitigation is available.

Security fixes will be released through the normal release process (e.g., GitHub Releases and/or npm) and documented in release notes where appropriate.

There aren’t any published security advisories