To report a security issue, please use the GitHub Security tab.
For more information, please see GitHub's guidance about Privately reporting a security vulnerability.
If you'd prefer to use email, contact us at [email protected].
Please include a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.
Our security team will respond within 5 working days of your report.
If the issue is confirmed as a vulnerability, a security advisory will be created in GitHub by our security team.
This project follows a 90 day disclosure timeline.