fln is a command-line tool that runs locally on your machine. It:

• Reads files from your filesystem
• Writes output files locally
• Does NOT send any data to external services
• Does NOT execute arbitrary code from your project

Only the latest release receives security updates. Please upgrade to the latest version before reporting issues.

Please do NOT open public issues for security vulnerabilities.

Instead:

1. Use GitHub Security Advisories for private reporting
2. Include:
   • Clear description of the vulnerability
   • Steps to reproduce
   • Potential impact
   • Suggested fix (if any)

I aim to respond within 3-5 business days and will work with you to address confirmed vulnerabilities.

When using fln:

• Review exclude patterns before running on sensitive projects
• Use --dry-run first to preview what will be included
• Be careful when sharing generated output files (they contain your code)
• Don't commit .fln.json config if it contains sensitive paths