If you discover a security vulnerability in this project, please report it responsibly.
Do NOT open a public GitHub issue for security vulnerabilities.
Instead, please use GitHub's private vulnerability reporting to submit your report.
You can expect:
- Acknowledgment within 48 hours
- Status update within 7 days
- Resolution timeline based on severity
Only the latest version on the main branch is actively maintained.
This project uses:
- GitHub Dependabot for automated dependency updates
- GitHub secret scanning with push protection
- Pinned GitHub Actions (commit SHA, not mutable tags)