To report a security issue, please email [email protected] with a description of the issue, the steps you took to create the issue, affected versions, and if known, mitigations for the issue. Our vulnerability management team will acknowledge receiving your email within 3 working days. This project follows a 90 day disclosure timeline.

We are following the Google's oss-vulnerability-guide SECURITY.md template.