Report security issues to the maintainer via email (see GitHub profile) or open a private security advisory on the repository.
Please do not open a public issue for security vulnerabilities.
Response target: acknowledgement within 5 business days, resolution within 30 days for confirmed issues.