Security fixes are applied to the latest published prerelease and to the next release in progress on the default branch.
Please do not open a public issue for suspected vulnerabilities.
Report security issues by email to pedro@pisandelli.com with:
- a short description of the issue
- the affected package version
- reproduction steps or a proof of concept
- any suggested mitigation if you have one
You should receive an initial response within 5 business days. If the report is confirmed, a fix or mitigation plan will be shared before public disclosure.