If you discover a security vulnerability, please report it responsibly.

Do not open a public issue.

Instead, please use GitHub Security Advisories to report the vulnerability privately.

You can expect an initial response within 72 hours.