Security fixes are provided for the latest released version on the default branch.
Please do not open a public issue for vulnerabilities.
Report security issues privately by contacting the maintainers directly. Include:
- Affected version/commit
- Reproduction steps
- Potential impact
- Suggested mitigation (if known)
We will acknowledge reports promptly and coordinate disclosure after a fix is available.