Please do not report security vulnerabilities through public GitHub issues.

Instead, please report security vulnerabilities by email to delatte.hugo@gmail.com.

If the security vulnerability is accepted, a patch will be crafted privately in order to prepare a dedicated bugfix release as timely as possible (depending on the complexity of the fix).

In addition to sending the report by email, you can also report security vulnerabilities to tidelift.