Please do not open a public GitHub issue for security vulnerabilities.
Use GitHub's private vulnerability reporting to report a security issue. This keeps the details confidential until a fix is available.
Include as much of the following as possible:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
I aim to acknowledge reports within 48 hours and provide a fix or mitigation plan within 7 days for critical issues.
Security fixes are applied to the latest major version only. Please ensure you are on a current release before reporting.
| Version | Supported |
|---|---|
| Latest | Yes |
| Older | No |