If you discover a security vulnerability, please report it via GitHub's private vulnerability reporting feature:

1. Go to the Security tab of this repository
2. Click Report a vulnerability
3. Provide details about the vulnerability

Please do not open public issues for security vulnerabilities.

Reports are reviewed on a best-effort basis. There is no guaranteed response time, but confirmed security fixes will be prioritized over regular feature work.

Security updates will be released as soon as possible after a vulnerability is confirmed. Updates will be documented in the release notes.