Only the latest published version of @geosuite/geo-toolkit receives security fixes — please upgrade before reporting.

Report security issues privately — please don't open a public issue or PR.

• Preferred: GitHub private vulnerability reporting — Security → Report a vulnerability.
• Email: info@trygeosuite.it

Include a description and, where possible, a minimal reproduction. You'll get an acknowledgement within a few days; once confirmed and fixed, a patch release goes out and you're credited (unless you'd rather stay anonymous).

This policy covers vulnerabilities in @geosuite/geo-toolkit itself. If the issue stems from a dependency, please also report it upstream.