Please do not report security vulnerabilities through public GitHub issues.
If you believe you have found a vulnerability in this repository:
- use GitHub private vulnerability reporting if it is enabled for the repo
- otherwise contact the maintainers privately through GitHub before public disclosure
Please include:
- a clear description of the issue
- affected versions, commits, or files if known
- reproduction steps or a proof of concept when safe to share
- any suggested mitigations or impact details
We will review reports as quickly as possible and coordinate on disclosure once the issue is understood and a fix path is clear.