We take security issues seriously. Please follow the guidance below if you believe you've found a vulnerability.

Supported Versions

• Only the latest version of this project is actively supported. Security fixes will be applied to the latest release; older releases may not receive patches.

Reporting a Vulnerability

1. If your report is sensitive, use GitHub's Security Advisories mechanism to privately disclose the issue to the repository maintainers.
2. If Security Advisories are not available, open a GitHub issue and mark it clearly as security in the title and description. Do not include sensitive exploit details or proof-of-concept code in a public issue; instead request a private channel.

Information to include

• A clear description of the vulnerability and affected components.
• Steps to reproduce (if non-sensitive), or a summary of impact if reproduction is sensitive.
• Affected versions and any relevant environment details.

Response

The maintainers will triage security reports and respond with next steps. For confirmed issues, a coordinated disclosure and patch will be provided on the latest supported release.

Thank you for helping keep this project secure.