If you discover a security vulnerability in this project, please report it responsibly.
Do NOT open a public GitHub issue.
Instead, report the issue privately by emailing:
Please include the following information if possible:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested mitigation or fix (if known)
After receiving a vulnerability report, we will:
- Acknowledge receipt of the report
- Investigate the issue
- Determine severity and impact
- Develop and release a fix if necessary
We aim to respond to reports within 5 business days.
We request that security researchers:
- Do not publicly disclose the vulnerability until a fix is available
- Allow reasonable time for investigation and remediation
- Avoid exploiting the vulnerability beyond what is necessary to demonstrate the issue
Security updates are generally provided for the most recent release of this project. Older versions may not receive security patches.
When a vulnerability is fixed, updates will be published through the repository's release process and documented in the release notes.
For general security questions related to this project, contact: