We release security fixes for the latest version of this project. Please ensure you are running the most recent version before reporting a vulnerability.

Please do not report security vulnerabilities through public GitHub issues.

To report a security vulnerability, please use one of the following methods:

1. GitHub Private Vulnerability Reporting – Navigate to the Security tab of this repository and submit a private advisory.
2. Direct contact – If private reporting is unavailable, contact the maintainer directly via their GitHub profile.

Please include as much of the following information as possible to help us understand and resolve the issue quickly:

• Type of vulnerability (e.g., injection, privilege escalation, information disclosure)
• Full paths of source files related to the vulnerability
• Steps to reproduce or a proof-of-concept
• Potential impact of the vulnerability

We will acknowledge receipt of your report within 48 hours and aim to provide a fix or mitigation plan within 90 days, depending on severity and complexity.

We follow a coordinated disclosure model. Please allow us reasonable time to address a reported vulnerability before any public disclosure.

We deeply appreciate any effort to discover and disclose security vulnerabilities responsibly.