To report a vulnerability, please privately report it via the Security tab on the correct GitHub repository (see documentation). If that is impossible, feel free to send an email to julien.h.dev@gmail.com instead.
All security vulnerabilities will be promptly verified and addressed.
While the discovery of new vulnerabilities is rare, it is recommended to use the latest versions of dependencies by maintaining lock files (yarn.lock, package-lock.json and pnpm-lock.yaml) in order to ensure your application remains as secure as possible.