Security fixes are applied to the latest released version.
Please do not open public issues for security-sensitive problems.
Prefer GitHub's private vulnerability reporting for this repository. If that is not available yet, contact the maintainer privately through the repository owner's public GitHub profile and include:
- a clear description of the issue
- impact assessment
- reproduction steps
- any suggested mitigation
The maintainer will aim to acknowledge reports promptly and coordinate a fix before public disclosure where appropriate.