Please do not disclose security-related issues publicly.

Your help in identifying and reporting security vulnerabilities in our project is very much appreciated. We take all reports seriously.

If you discover a vulnerability, please do not publish it publicly. Instead, we kindly ask you to report it using a private vulnerability report on GitHub.

Once we have received your report, we will work to validate and reproduce the issue. After we have confirmed the vulnerability, we will:

• Work on a fix and release timeline.
• Notify you when the fix has been implemented.
• Credit you for discovering the vulnerability (unless you don't want us to).