If you discover a vulnerability, please take the following steps:
- Do not create a public issue on GitHub.
- Instead, send an email detailing the vulnerability to our security team at antoine.boucher012@gmail.com. Please provide as much information as possible to help us understand the nature and scope of the potential issue.
- Expect an initial reply within 48 hours confirming that we have received your email, and we'll follow up with an assessment and plan for resolution within 96 hours.
- Please do not disclose the vulnerability to others until we've had a chance to address it.
- If the vulnerability is accepted, we will work on a fix and release it as part of our next patch version. We will also give you credit for the discovery in the release notes, unless you wish to remain anonymous.
- If the vulnerability is declined, we will provide an explanation as to why.
Your contribution to improving the security of our project is greatly appreciated.