I take the security of my software and services serious, which includes all my repositories.

If you believe you have found a security vulnerability in any of my repositories, please report it as described below.

Please do not report security vulnerabilities through public GitHub issues. This is a security risk itself, as it could allow malicious users to exploit the vulnerability before it is fixed.

Instead, please open a Draft Security Advisory.

Please include the requested information listed below (as much as you can provide) to help me better understand the nature and scope of the vulnerability:

• Type of issue (e.g., buffer overflow, SQL injection, cross-site scripting, credentials stored in code, etc.).
• Full paths of source file(s) related to the manifestation of the issue.
• The location of the affected source code (tag/branch/commit or direct URL).
• Any special configuration required to reproduce the issue.
• Step-by-step instructions to reproduce the issue.
• Proof-of-concept or exploit code (if possible).
• Impact of the issue, including how an attacker might exploit the issue.

This information will help me to understand your report more quickly.

I prefer all communications to be in English. This helps to ensure that vulnerabilities are understood and can be addressed quickly.