If you discover a security vulnerability in this project, please report it responsibly.
Do NOT open a public issue.
Instead, please create a private security advisory on this repository.
Include:
- A description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
You should receive an initial response within 72 hours. Security fixes will be prioritized and released as soon as practical.
Only the latest release published to GHCR (ghcr.io/matthewdeaves/cookie:latest) is supported with security updates.