Please do not open a public GitHub issue for security vulnerabilities.

Report vulnerabilities privately via GitHub Security Advisories.

You can expect:

• Acknowledgement within 48 hours
• A fix or mitigation plan within 14 days for confirmed vulnerabilities
• Credit in the release notes if you wish