Security Policy

Reporting a Vulnerability

If you discover a security vulnerability, we would be very grateful if you could email us at [email protected]. This is the preferred approach instead of opening a public issue. We take all vulnerability reports seriously, and will work to patch the vulnerability immediately. Whenever possible, we will credit the person or people who report the security vulnerabilities after it has been patched.