• Do not open public issues for vulnerabilities.
• Email: [email protected]
• Include: affected repo, version/commit, impact, reproduction (if safe)

We aim to acknowledge in a reasonable timeframe.