If you believe you have found a security vulnerability, we encourage you to let us know right away.

Please do not open GitHub issues or pull requests - this makes the problem immediately visible to everyone, including malicious actors.

Email [email protected] to disclose any security vulnerabilities.

We will investigate all legitimate reports and do our best to quickly fix the problem.