The security of this project is a top priority. I appreciate your efforts to responsibly disclose vulnerabilities and will make every effort to acknowledge your contributions.
To report a security issue, please use GitHub’s Security Advisory feature by navigating to the “Security” tab in the repository and selecting “Report a Vulnerability”.
I will respond with the next steps in handling your report. After the initial reply, I will keep you updated on progress towards a fix and its eventual disclosure. Additional information or guidance may be requested during this process.
For security bugs in third-party dependencies, report the issue to the respective maintainers. If applicable, vulnerabilities in npm packages can be reported using the npm contact form by selecting “I’m reporting a security vulnerability”.
To learn more about best practices for securing applications, consult the following resources: