If you discover a security vulnerability in this project, please report it responsibly.
- Do NOT open a public issue
- Send a detailed report via:
- GitHub Security Advisories (preferred): Navigate to the Security tab → Report a vulnerability
- Or contact the maintainers directly through private channels
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- Suggested fix (if available)
- We aim to acknowledge receipt of your vulnerability report within 48 hours
- We will provide a detailed response within 7 days indicating the next steps
- We will keep you informed about the progress toward a fix
Please note which versions of this project are currently being supported with security updates in your project documentation.
- Please give us reasonable time to fix the vulnerability before any public disclosure
- We will credit you for the discovery (unless you prefer to remain anonymous)
Thank you for helping to keep this project and its users safe!