Security matters for this project because it sits at the front door of an admin area.
| Version | Supported |
|---|---|
v1.0.x |
Yes |
Please do not publish sensitive security details in a public issue.
If GitHub private vulnerability reporting is enabled for the repository, use that first. Otherwise, contact the repository owner privately through GitHub and share:
- A short description of the issue.
- The affected file or flow.
- Steps to reproduce.
- The impact.
- Any suggested fix.
For non-sensitive hardening ideas, open a normal issue and label it security.
The full code-level review lives in docs/SECURITY.md.