If you have encountered a potential security vulnerability in this project, please report it to us at [email protected]. We will work with you to verify the vulnerability and patch it.
When reporting issues, please provide the following information:
- Component(s) affected
- A description indicating how to reproduce the issue
- A summary of the security vulnerability and impact
- Any other relevant information
We request that you contact us via the email address above and give the project contributors a chance to resolve the vulnerability and issue a new release before any public exposure. This helps protect the project's users and gives them a chance to upgrade and/or update to protect their applications and systems.
If we verify a reported security vulnerability, our policy is:
- We will patch the current release branch.
- After patching the release branches, we will immediately issue a new security fix release.
- A security advisory will be released on the project website detailing the vulnerability, as well as recommendations for end users to protect themselves. Security advisories will be posted in all release notes as well as any notification systems related to the project, such as Discord and X.