Security fixes are currently prioritized for:

• The latest main branch state

Please do not open public issues for security vulnerabilities.

Preferred reporting path:

1. Open a private advisory report (if enabled): GitHub Security Advisories
2. If private advisories are unavailable, contact the maintainer directly: @ShreeBohara

Include:

• Affected component and file paths
• Reproduction steps / proof of concept
• Impact assessment (confidentiality/integrity/availability)
• Suggested mitigation (if available)

• Acknowledgement target: within 72 hours
• Initial triage target: within 7 days
• Fix timeline depends on severity and complexity

Please allow time for remediation before public disclosure. Once fixed, we will credit responsible disclosure when requested.