Please do NOT report security vulnerabilities through public GitHub issues.

Instead, use one of the following methods:

1. GitHub Private Vulnerability Reporting (preferred): Go to the Security Advisories page and click "Report a vulnerability".

2. Email: Send details to gnodet@gmail.com.

• Description of the vulnerability
• Steps to reproduce
• Affected version(s)
• Any potential impact assessment

• Acknowledgment: Within 48 hours
• Initial assessment: Within 1 week
• Fix timeline: Depends on severity, but we aim for patches within 30 days for critical issues

We follow coordinated disclosure. We will work with you on a timeline for public disclosure after a fix is available.