Security: KahitSan/ksui

SECURITY.md

Security Policy

Thank you for helping keep @kahitsan/ksui and its users safe. We really appreciate it.

What counts as a security issue

A security issue is a bug that could let someone do something harmful. For example, it could let someone steal data, run code they should not be allowed to run, or break into an app that uses our components.

If you are not sure whether something counts as a security issue, please treat it as one and tell us privately. We would rather hear about it and decide together.

Please do not open a public issue

Please do not post security problems in our public GitHub issues. A public issue tells attackers about the hole before we have had a chance to fix it. That puts other users at risk. Use the private path below instead.

How to report a problem privately

Please use one private path. Go to the Security tab on our repo at https://github.com/KahitSan/ksui and click the "Report a vulnerability" button. This opens a private report that only the KahitSan team can see.

If you cannot use that button for any reason, you can email us at security@kahitsan.com.

What to include

To help us fix the problem fast, please tell us:

  • What the problem is, in your own words.
  • The steps to reproduce it, so we can see it ourselves.
  • Which version of @kahitsan/ksui you tested.
  • What could go wrong if someone took advantage of this problem.

A small proof-of-concept example, like a short code snippet, helps a lot.

What you can expect from us

We will confirm that we got your report within a few days. We will keep you updated as we look into it, and we will tell you when it is fixed. We will be honest about timing. We cannot promise a fix in a set number of hours, but we will not leave you in the dark.

Which versions we support

We generally fix security issues in the latest version published on npm. If you are on an older version, please update to the latest one first.

Please give us time

Please wait until we release a fix before you share the details of the problem in public. This gives users time to update and stay safe. Thank you for doing this.

Thank you

We are grateful for responsible reports. If you would like, we are happy to credit you when we publish the fix.

There aren't any published security advisories