Project maintainers and community contributors take security issues seriously. Efforts to disclose potential issues responsibly are appreciated, and viable contributions will be acknowledged. To aid investigation of any reported vulnerabilities, please follow the reporting guidelines when submitting your findings.

To report a suspected security issue, use private vulnerability reporting.

1. Click the Security tab
2. Click the Report a vulnerability button

Then provide the following information with suspected security issues:

• Your name and affiliation
• Version/build-date of project
• Issue description
• Steps to reproduce the issue
• Current public knowledge of this vulnerability (for example, related CVE, security advisory, and so on), if known

The project release notes contain acknowledgments for contributors who provide security-related insights in their commits.