Please do not open public issues for security vulnerabilities.
- Use GitHub Security Advisories to privately report a vulnerability to maintainers.
- If Security Advisories are unavailable, open a GitHub issue with the
securitylabel and limited detail; a maintainer will follow up privately.
This project is under active development. We aim to patch the latest release and main branch.
- Do not include secrets in code or logs.
- Prefer environment variables and secret stores.
- Follow least-privilege principles for any infrastructure.