The master branch is the actively maintained branch.
Please do not open public issues for security vulnerabilities.
Use GitHub's private vulnerability reporting:
- Go to the repository's Security tab.
- Click Report a vulnerability.
- Provide reproduction steps, impact, and affected versions.
You can expect an initial response within 5 business days.
Please report vulnerabilities related to:
- Privilege escalation
- Unsafe input handling
- Configuration and file permission weaknesses
- Dependency vulnerabilities with practical impact