autent is still in an early pre-v1 phase. Security fixes will be made against the current main development line and the most recent tagged release line when practical.

Please do not open a public issue for a potential security problem.

Instead:

1. if GitHub private vulnerability reporting is enabled for the repository, use that mechanism first
2. otherwise email the maintainer at evanmschultz@gmail.com
3. describe the issue, impact, and any reproduction details you have
4. wait for confirmation before any public disclosure

Please allow a reasonable window for investigation, fix development, and coordinated disclosure before publishing details publicly.