Security fixes are provided for the latest published release.
If you discover a security issue:
- Prefer opening a private GitHub Security Advisory in this repository (for example, via the repository's Security tab or Report a vulnerability link).
- If you cannot use GitHub Security Advisories, open a GitHub issue containing only non-sensitive metadata (for example, that you have found a potential security issue) and explicitly request a private contact channel. Do not include any technical details, reproduction steps, logs, or exploit information in the public issue.
Please do not post exploit details publicly before maintainers have a chance to assess and respond.
Security communication for this project is handled through GitHub only. No email contact is provided.