To report a security issue, you can either:
- Privately report a vulnerability through repository's Security tab by clicking "Report a vulnerability".
- Email us at [email protected].
Please, make sure to provide a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.
If the issue is confirmed as a vulnerability, we will open a Security Advisory and acknowledge your contributions as part of it.