This project is pre-1.0. Security fixes are made against:

• the current main branch
• the most recent published crates.io release line

Older versions should be treated as unsupported unless explicitly noted in a release.

Do not open a public GitHub issue for a suspected security vulnerability.

Preferred path:

1. use GitHub private vulnerability reporting if it is available for this repository
2. otherwise contact the maintainer privately through GitHub before public disclosure

Please include:

• affected crate and version
• impact summary
• reproduction details
• any suggested fix or mitigation

I will aim to acknowledge reports quickly and coordinate a fix before public disclosure when practical.