If you discover a security vulnerability, please report it through GitHub Security Advisories.

Do not open a public issue for security vulnerabilities.

We will acknowledge receipt within 48 hours and aim to release a fix within 7 days for critical issues.