To-do.
If you believe you have discovered a security vulnerability, please do not open a public issue.
Instead, report it privately through GitHub's Security Advisories feature. This ensures responsible disclosure and gives us time to investigate and patch the issue before public disclosure.
Use the GitHub Security Advisory form for any of the following:
- Unauthorized access or privilege escalation
- Data leakage or exposure of sensitive information
- Authentication bypass or injection attacks
- Remote code execution or critical denial-of-service risks
- You will receive an acknowledgment within 48 hours
- We aim to provide an initial assessment within 5 business days
- Accepted vulnerabilities will be patched, with credit given upon request
For all non-security-related issues (bugs, performance problems, feature requests, documentation errors, etc.), please use the standard GitHub Issues page.
This helps the project maintain transparency and allows the community to contribute to resolution.
Thank you for helping keep my project secure!