We take security seriously and appreciate your help in keeping this project safe for everyone. If you discover a security vulnerability, please follow the steps below to report it responsibly.

If you believe you have found a security issue in this project, please DO NOT create a public GitHub issue. Instead, report it privately in GitHub Security Advisories.

• A clear and concise description of the vulnerability.
• Steps to reproduce the issue (if applicable).
• Any potential impact or risk assessment.
• Suggested fixes or mitigations (if known).

We will acknowledge your report within 48 hours and work to resolve the issue as quickly as possible.

We provide security updates for the following versions:

If you are using an unsupported version, we recommend upgrading to the latest release.

1. Report received – We acknowledge the report and begin investigating.
2. Assessment – We determine the severity and impact of the issue.
3. Fix development – A patch is created and tested privately.
4. Coordinated disclosure – We may work with security researchers or affected users to ensure a responsible disclosure.
5. Release – A patched version is released, and users are advised to update.

We kindly ask security researchers and contributors to report vulnerabilities privately before disclosing them publicly. This allows us to resolve the issue without exposing users to unnecessary risks.

We appreciate your help in making this project secure! 💙