If you identify a vulnerability you believe to be appropriate for disclosure to the public, do not hesitate to open an Issue on GitHub.
If you identify a vulnerability which you believe to be too critical to raise as a GitHub Issue, such as one which would require coordinated disclosure, please check our security.txt for a valid address at which we can be contacted, or to validate communications you may receive from us using our public key.
As vulnerabilities are found, we will publish a list of acknowledgements here.
name | date | commit fix |
---|---|---|