We currently provide security updates only for the latest development on the main branch. We recommend all users stay on the most recent commit or release to ensure they have the latest security patches.

Please do not open public GitHub issues for security vulnerabilities.

If you discover a potential security flaw in this project, please report it privately through GitHub's native reporting tool. This allows us to resolve the issue before information is made public, protecting our users.

1. Navigate to the Security tab of this repository.
2. Click Advisories in the left sidebar.
3. Click Report a vulnerability to open a private draft advisory.

Using this tool allows us to collaborate on a fix in a private workspace before disclosing the issue publicly.

This repository uses GitHub CodeQL to automatically scan for vulnerabilities on every Pull Request. Results are monitored by the maintainers in the "Security" tab.