We are a small team and will do our best to provide patches for supported versions of our project.
If you discover a security vulnerability, please contact us directly at either [email protected] or [email protected]. Do not file a public issue as this makes the vulnerability immediately visible to everyone.
To help us understand the issue, please include as much of the following information as possible:
- A description of the vulnerability and its impact
- Steps to reproduce the vulnerability
- Any relevant logs or screenshots
- Potential mitigations or workarounds
We will acknowledge your report as soon as possible and will work with you to understand the severity and impact of the issue. Once we have a fix, we will coordinate the release of the fix and will credit you for your discovery if you wish.
Even though our team is small, we adhere to the following best practices to ensure the security of our project and its users:
- Regularly update dependencies and monitor for known vulnerabilities.
- Use secure coding practices and review code for potential security issues.
- Educate ourselves on security best practices.
Thank you for helping us keep our project secure.