If you discover a security issue in this project, please report it privately so it can be addressed safely.

• Open a private GitHub issue labeled security if available.
• If private issues are not available, email the maintainers directly.

This project is actively maintained on the main or master branch. Security fixes are backported to supported release branches as needed.

1. Acknowledge receipt of the report.
2. Investigate the issue and determine severity.
3. Fix the vulnerability in a timely manner.
4. Publish a security advisory or release note, if appropriate.

Please provide as much information as possible, including:

• Description of the issue
• Steps to reproduce
• Impact and affected versions
• Proof of concept, if available

Do not publicly disclose security vulnerabilities until a fix is available.

If you cannot use GitHub’s private issue feature, contact the maintainers through the email address listed in the repository metadata or through GitHub profile contact details.