If you discover a security issue in dbt-forge, do not open a public issue.
Use GitHub private vulnerability reporting for the repository if it is enabled. If that is not available, contact the maintainer through the repository owner profile and include:
- a clear description of the issue
- affected versions or commit range
- reproduction steps or a minimal proof of concept
- any suggested remediation
The project will aim to acknowledge reports promptly and coordinate a fix before public disclosure.