If you discover a security vulnerability, we encourage you to report it as soon as possible to help keep our community and users safe. Please follow the guidelines below when reporting security issues.

• Email us at: [email protected]
• Provide as much detail as possible, including:
  • A detailed description of the vulnerability
  • The project and version affected
  • Steps to reproduce the vulnerability, if possible
  • Any potential impact or security risks
  • Your contact information for follow-up

We will respond to your report within 48 hours and will work with you to understand the issue and resolve it. A timeline for the fix will be provided depending on the severity of the issue.

• We prioritize fixing reported vulnerabilities as soon as possible.
• Affected projects will be updated with security patches, and users will be notified of the fix.
• Vulnerability disclosures will be managed responsibly to prevent exploitation.

We follow a coordinated disclosure process. After addressing the vulnerability, we will publicly disclose details once a fix has been released. We aim to disclose within 90 days of the initial report.

We appreciate and thank all contributors who report security vulnerabilities, making our projects safer for everyone.