Most repositories here are static sites, Markdown notes, or data files. If you believe you have found a security vulnerability in a code repository or build workflow:

• Do not open a public issue with details.
• Please report privately to security@fromgravelhill.ca with:
  • Repository name and affected files
  • Description of the issue
  • Steps to reproduce (if applicable)
  • Suggested remediation (optional)

We will acknowledge receipt and follow up as needed.