Security updates are provided for the latest version on the default branch.

If you believe you’ve found a security vulnerability, please report it privately so I can investigate and address it.

• Email: ckdake@ckdake.com

• GitHub: https://github.com/ckdake

To help me triage quickly, please include:

• A description of the vulnerability and its potential impact
• Steps to reproduce (proof-of-concept code or screenshots if helpful)
• Affected versions/branches/commits (if known)
• Any relevant logs, configuration, or stack traces (please redact secrets)
• Whether the issue can be exploited publicly or requires special access/conditions

• I’ll acknowledge receipt as soon as I can.
• I’ll investigate and work on a fix.
• Once a fix is available, I’ll publish an update and may note the issue in release notes or a changelog.

Please do not open a public GitHub issue, pull request, or discussion for security-related reports until I’ve confirmed it’s safe to do so.

If you have a suggested fix, you can:

1. Email the details first, and
2. Wait for confirmation before submitting a public PR.

This policy applies to:

• The pyrwgps source code and build/release artifacts in this repository
• Documentation and configuration files in this repository

Third-party services and dependencies may have their own security policies; please report upstream issues to the relevant maintainers as well.