Report security issues privately through GitHub Security Advisories: https://github.com/javierbeaumont/minimoni/security/advisories/new
Please include:
- A description of the issue
- Steps to reproduce
- Affected versions (output of
minimoni --version) - Your suggested fix, if any
I'll acknowledge receipt within 5 business days and aim to have a fix or mitigation released within 30 days for confirmed issues.
Do not open a public GitHub issue for security-sensitive reports.
Only the latest released version receives security fixes during the
pre-1.0 phase. Once v1.0.0 is tagged, the API contract is frozen and
the policy will be revised.