We take security vulnerabilities seriously. If you discover a security issue in this project, please report it responsibly.

Do not open a public GitHub issue for security vulnerabilities.

Instead, please report it via one of the following methods:

• Open a private security advisory on GitHub using the Security Advisories page.
• Email the maintainer directly if you cannot use GitHub's advisory feature.

Please include the following information in your report:

• A description of the vulnerability
• Steps to reproduce the issue
• The potential impact of the vulnerability
• Any suggested mitigations or fixes

• We will acknowledge receipt of your report within 48 hours.
• We will provide a more detailed response within 7 days indicating the next steps.
• We will keep you informed of the progress towards a fix.

We ask that you:

• Give us a reasonable amount of time to fix the issue before public disclosure.
• Make a good faith effort to avoid privacy destruction, data loss, or service interruption.
• Not exploit the vulnerability beyond what is necessary to demonstrate it.

We appreciate your help in keeping this project secure.