Security patches are not currently being applied. As stated in the code, do not use this project in real-world settings.
If you would like to report a security vulnerability, please contact me as listed below. Note that I do not pay for bugs; however, I may promote researchers who discover bugs (if they so wish).
I follow the principles outlined in ISO 29147 (Vulnerability Disclosure) and ISO 30111 (Vulnerability Handling Processes)
Contact: mailto:andrew.sanford@byu.edu Preferred-Languages: en Canonical: https://andrewnsanford.com/security.txt