We take security seriously. If you discover a security vulnerability, please report it responsibly.
- Do not open a public issue for security vulnerabilities
- Email the maintainers directly or use GitHub's private vulnerability reporting feature
- Include detailed information about the vulnerability:
- Description of the issue
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment of your report within 48 hours
- Regular updates on the progress of addressing the issue
- Credit for responsible disclosure (if desired)
| Version | Supported |
|---|---|
| Latest | ✅ |
| Older | ❌ |
When contributing, please ensure:
- No hardcoded secrets or credentials in code
- Dependencies are kept up to date
- Input validation is properly implemented
- Sensitive data is handled securely
We follow a coordinated disclosure process. Please allow reasonable time for us to address vulnerabilities before public disclosure.
Thank you for helping keep our project and community safe.