This is a community project; we aim to keep main secure. Please report issues and we will address them as time permits.
Please open a private security advisory or email the maintainers instead of filing a public issue. If email is unavailable, open an issue with minimal details and request a maintainer contact you privately.
When reporting, include:
- A clear description of the issue and impact
- Steps to reproduce
- A minimal proof of concept if possible
- Affected versions/commits
We will confirm receipt within a reasonable time and coordinate a fix and disclosure timeline.