If you discover a security vulnerability in this project, please report it responsibly.

Do not open a public GitHub issue for security vulnerabilities.

Instead, please use GitHub's private vulnerability reporting to submit your report.

• Acknowledgement within 48 hours of your report.
• Status update within 7 days with an assessment and remediation timeline.
• Credit in the release notes (unless you prefer to remain anonymous).

Thank you for helping keep this project and its users safe.