This package is published with npm provenance enabled. Provenance provides transparency about where and how the package was built, helping you verify its authenticity.

You can verify the provenance of this package by:

• Viewing the provenance attestation on the npm package page
• Checking the build details linked from the npm registry

Users are encouraged to scan this package for vulnerabilities using tools like:

• npm audit - Built-in npm security auditing tool
• Snyk - Comprehensive security scanning and monitoring
• Socket.dev - Supply chain security and malicious code detection

To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.

To report a malicious npm package, please use npm's guide.