Please report security vulnerabilities privately.
- Preferred: Use GitHub Security Advisories for this repository (the “Report a vulnerability” link).
- If you cannot use GitHub advisories, open a GitHub issue with minimal details and request a private channel.
Please include:
- A clear description of the issue and impact
- Steps to reproduce (proof-of-concept if available)
- Affected versions / commit hash
- Any suggested mitigation
Security fixes will be provided on a best-effort basis for the latest released version.