We take the security of pipfile seriously. If you believe you've
identified a security issue in it, please report it to
donald@stufft.io. Message may be encrypted with PGP using key
fingerprint 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA (this public
key is available from most commonly-used key servers).
Once you've submitted an issue via email, you should receive an acknowledgment within 48 hours, and depending on the action to be taken, you may receive further follow-up emails.