This library follows semantic versioning. Security fixes
land on the latest released minor version; only the most recent tagged release
of the 1.x line is supported.
Please do not open public issues for security vulnerabilities.
Report privately through one of:
- GitHub's private vulnerability reporting — use "Report a vulnerability" under the repository's Security tab, or
- email michael@middag.io with a description and steps to reproduce.
We aim to acknowledge a report within 5 business days and to share a remediation timeline after triage. Please give us reasonable time to release a fix before any public disclosure.