Security updates are provided for the most recent minor release.

Pre‑v1 versions may receive breaking changes when necessary to address critical security concerns.

If you discover a security vulnerability:

1. DO NOT open a public issue.
2. Report it privately via email to the maintainers.
3. Include reproduction steps and impact assessment.

We will acknowledge receipt within a reasonable timeframe and work toward a fix.

• Critical vulnerabilities will be patched as soon as possible.
• A release will be published with documented fixes.
• Public disclosure will occur after a patch is available.

Security and stability take priority over feature velocity.