We actively support security updates for the current version of this project. Please ensure you're using the latest version.
If you discover a security vulnerability, please do not open a public issue. Instead, please report it using GitHub Security Advisories:
- Navigate to the Security tab of this repository
- Click on "Advisories"
- Click "Report a vulnerability" to create a private security advisory
Alternatively, you can directly access the Report a vulnerability page.
Please include the following information in your report:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- Suggested fix (if any)
We will acknowledge receipt of your report within 48 hours and provide an update on the status of the vulnerability within 7 days.
- We will acknowledge receipt of your vulnerability report
- We will confirm the issue and assess its severity
- We will work on a fix and keep you informed of progress
- Once a fix is ready, we will release it and credit you (unless you prefer to remain anonymous)