Please do not report security vulnerabilities through public GitHub issues.
Instead, use one of the following:
- GitHub Security Advisories: If this repository has the "Report a vulnerability" option enabled, use it to open a private report.
- Private contact: If advisories are not available, contact the maintainers privately (for example, via the repository owner's email on GitHub).
When reporting, include:
- A clear description of the issue and potential impact
- Steps to reproduce (proof-of-concept if possible)
- Affected files/components and any relevant configuration
Security fixes are provided for the default branch (main/master) only.