We take the security of our users seriously.
If you discover a vulnerability or security issue, please do not report it publicly via Issues or Pull Requests.
Instead, please follow the steps below to report it securely:
- Send an email to the following address:
- Please include
[SECURITY]in the subject line. - In your report, please provide as much detail as possible, including:
- A description of the issue
- Steps to reproduce it
- The scope and potential impact (e.g., all users or only under specific conditions)
- Suggested remediation if available
We will acknowledge your report as quickly as possible and work to resolve the issue.
We ask that you keep the details confidential until a fix is released.
We only provide security updates for the latest released version.
Older versions are considered unsupported.
This project follows basic security best practices, including:
- Regularly updating third-party dependencies
- Running dependency vulnerability scans via GitHub Actions
- Ensuring no sensitive information (e.g., API tokens) is included in the source code
- Validating user-provided input appropriately
This project is provided as Open Source Software, and is distributed "AS IS" without warranties of any kind.
We are not liable for any damages arising from the use of this software.
🛡️ Thank you for helping to keep this project secure!