Security fixes are applied on a best-effort basis to the active main branch.
Please do not open public issues for sensitive vulnerabilities.
Instead, report privately to maintainers with:
- affected component and file path
- impact and severity assessment
- reproduction steps or proof of concept
- suggested remediation (if available)
- Acknowledge receipt
- Validate and triage severity
- Prepare and test a fix
- Release and document the patch
This project includes testing and research workflows; review integrations and generated artifacts before production use.