We aim to support the main branch.

Please do not create public issues for security vulnerabilities.

• If the repository is on GitHub, use "Report a vulnerability" to open a private advisory.
• If that's unavailable, contact the maintainer via their GitHub profile.

We will acknowledge receipt within 72 hours and provide a timeline for a fix after triage.