This project is early-stage. Security fixes are applied on a best-effort basis to the latest development version.
Please do not open a public GitHub issue for a security vulnerability.
Report it privately to the maintainer through GitHub security advisories or the repository owner's direct contact channel if one is available.
When reporting, include:
- affected version or commit SHA
- impact summary
- reproduction details
- proof of concept if available
- suggested mitigation if known
You can expect an initial acknowledgement within a reasonable best-effort window. Fix timelines depend on severity and maintainer availability.