Please do not use public GitHub issues, discussions, or pull requests for security reports.
For suspected vulnerabilities, please use GitHub Private Vulnerability Reporting via the repository's Security tab.
- Description of the vulnerability
- Affected area and versions, if known
- Reproduction steps or proof of concept
- Expected impact
- Suggested remediation, if available
Please allow time for investigation and remediation before public disclosure. We will try to acknowledge reports within a timely manor.
Please do not post undisclosed vulnerabilities in:
- GitHub Issues
- GitHub Discussions
- Pull Requests