We take security seriously and appreciate your efforts to responsibly disclose any vulnerabilities. To ensure the security of our project and its users, please follow these guidelines when reporting security vulnerabilities.
If you discover a security vulnerability, please follow the steps below:
- Do Not Disclose Publicly: Do not create a public issue on GitHub or discuss the vulnerability in public forums.
- Contact Us Directly: Send an email to our security team at with the details of the vulnerability.
When reporting a vulnerability, please include the following information:
- Description: A detailed description of the vulnerability.
- Impact: The potential impact of the vulnerability on the project and its users.
- Reproduction Steps: Step-by-step instructions to reproduce the vulnerability.
- Potential Fixes: If possible, suggest a fix or mitigation for the vulnerability.
- Your Contact Information: Provide your contact information so we can reach you for further details or clarification.
- Acknowledgment: We will acknowledge receipt of your report within 48 hours.
- Assessment: We will assess the vulnerability and determine its impact.
- Resolution: If a fix is required, we will work on resolving the issue and provide updates on the progress.
- Disclosure: Once the vulnerability is resolved, we will work with you to coordinate the public disclosure. We aim to disclose vulnerabilities and their fixes in a responsible manner to ensure the safety of our users.
- Confidentiality: We will keep your report confidential and will not disclose your information without your consent.
- Credit: We will give you credit for reporting the vulnerability, if you wish to be acknowledged.
- Collaboration: We will work with you to understand the vulnerability and ensure it is resolved appropriately.
For any security-related concerns, please contact us at:
- Email:
- GitHub Issues: Do not use GitHub issues to report security vulnerabilities. Use the email provided above.
Thank you for helping us keep our project secure!