Please do not report security vulnerabilities through public GitHub issues.

A responsible disclosure policy helps protect users of the project from public disclosure of security vulnerabilities without a fix available. We achieve that by following the process where vulnerabilities are first triaged in a private manner, and are only publicly disclosed after a reasonable time period of the patch being available for users.

We kindly ask you to refrain from malicious acts that put our users, the project, or any of the project’s team members at risk.

We consider the security of the project a top priority.

If you discover a security vulnerability, please use one of the following means of communications to report it to us:

• Email a report of the vulnerability to [email protected]

We sincerely appreciate your efforts to responsibly disclose your findings with us.