We aim to support the latest minor version. Security fixes may be backported at maintainers’ discretion.

• Please email security@users.noreply.github.com with details.
• Do not create public GitHub issues for security vulnerabilities.
• We will acknowledge receipt within 48 hours and provide a timeline for a fix after triage.

Please act in good faith and give us a reasonable time frame to remediate before public disclosure.

If you require encryption, open an issue requesting a public key and we will provide one for secure communication.