This project is maintained on a best-effort basis. Security fixes (if any) will be released as soon as practical.

Please do not open a public issue for security-sensitive reports.

Instead, contact the maintainer privately:

• Open a GitHub issue only if the report is not security-sensitive.
• If you need a private channel, use GitHub's "Report a vulnerability" (Security tab) if enabled, or reach out via the contact info listed in the repository README.

When reporting, please include:

• A clear description and impact
• Steps to reproduce (proof-of-concept if possible)
• Affected versions/commits

We will acknowledge receipt and work with you on a fix timeline.