Please do not open a public issue for security vulnerabilities.
Report privately through GitHub's Privately report a vulnerability feature (the repo's Security tab → Report a vulnerability), or email doug@dougmealing.com.
Please include:
- affected package(s) and version(s),
- a description of the issue and its impact,
- reproduction steps (a minimal metadata sample or failing fixture is ideal).
We'll acknowledge your report within a few business days and keep you updated on the fix and disclosure timeline.
MetaObjects is pre-1.0 and ships from the main line. Security fixes target the latest
released version of each language package (npm, NuGet, Maven Central, PyPI). Please
verify against the latest release before reporting.