Skip to content

Security Policy

Supported Versions

Security updates are provided for the latest main branch and the most recent published releases.

Reporting a Vulnerability

If you discover a security issue, please report it privately (i.e. don't open an issue).

  • Contact: open a GitHub Security Advisory or email the maintainer.
  • Include: a clear description, steps to reproduce, affected versions, and any potential impact.

Please do not disclose the issue publicly until it has been addressed.

Disclosure Process

After receiving a report, we will: - Acknowledge receipt - Investigate and provide an estimated timeline - Release a fix and coordinate public disclosure