We take the security of our project seriously and appreciate responsible disclosure of security vulnerabilities. If you discover a security issue, please report it to us as soon as possible.
To report a security vulnerability, please follow these steps:
- Do NOT open a public GitHub issue. Security vulnerabilities should be kept confidential until they are addressed.
- In your report, please provide as much detail as possible about the vulnerability, including:
- A clear and concise description of the vulnerability.
- Steps to reproduce the vulnerability.
- The version(s) of the project affected.
- Any potential impact or exploit scenarios.
- Your contact information, in case we need to reach you for more details.
We kindly request that you refrain from publicly disclosing the vulnerability until we have had a reasonable opportunity to address it and deploy a fix. We believe in coordinated disclosure to protect our users.
Thank you for helping us keep our project secure!