If you discover a vulnerability, we would like to know about it so we can take steps to address it as quickly as possible. We request that you do not publicize the vulnerability before giving us a chance to address it.

To report a security vulnerability, please send an email to [email protected]. The email should include:

• A description of the vulnerability
• Steps for reproducing the vulnerability, if applicable
• Your name (optional), or anonymous if you prefer

We don’t currently have a bounty program in place, but we deeply appreciate every report. Responsible disclosures help keep the whole community safe — thank you for looking out for everyone!