Handle reports of security issues confidentially and do not disclose them publicly. Submit them directly through the report a security vulnerability interface.
Important
Do not share the discovered issues with friends, acquaintances, or the public if possible! If we fix the issue before disclosing it publicly, we reduce the risk of those who become aware of it exploiting the problems for their own purposes.
Reports submitted in this manner will be reviewed as soon as possible.
Following the verification of the issue, we aim for a quick, private discussion and resolution through the GitHub Security Advisory.