If you discover a security vulnerability, please DO NOT create a public issue.

Instead, please email: quangminh2402.dev@gmail.com

Include:

1. Detailed description of the vulnerability
2. Steps to reproduce
3. Potential impact
4. Suggested fix (if any)

You will receive acknowledgment within 48 hours.

• Regular dependency updates via Renovate
• Pre-commit hooks with gitleaks for secret detection
• GitHub Actions SHA-pinned for supply chain security
• Branch protection via repository rulesets
• SSRF protection on all outbound HTTP (DNS pinning + IP validation)
• Private package with restricted access