Please do not open a public issue for security vulnerabilities.

Report security issues privately via GitHub's private vulnerability reporting or by emailing the maintainers directly.

We will:

1. Acknowledge the report within 48 hours
2. Investigate and keep you updated on progress
3. Credit you in the fix (unless you prefer otherwise)

Thank you for helping keep this project secure.