We take security seriously. If you discover a vulnerability, please follow the guidelines below to report it to us responsibly.

Currently only v0.12.0 or newer is supported.

If you find a security-related bug in this project, we kindly ask you for responsible disclosure and for giving us appropriate time to react, analyze and develop a fix to mitigate the found security vulnerability.

Please report any vulnerability privately using the GitHub security advisory report.

We appreciate and acknowledge responsible reporters publicly (unless requested otherwise) in our security advisories and contributors list.