Security fixes are prioritized for the latest published release.
Please report vulnerabilities privately.
Preferred channel:
- Open a private GitHub security advisory for this repository.
If advisory tooling is unavailable, open an issue with minimal details and request private contact. Do not include exploit details or sensitive information in a public issue.
Please include:
- A clear description of the issue
- Impact assessment
- Reproduction steps or proof of concept
- Affected versions
- Suggested remediation if available
- We will acknowledge receipt as soon as possible.
- We will validate, triage, and work on a fix.
- We may request additional technical details.
- We will publish a patch and release notes after remediation.