Please submit reports of security vulnerabilities and, if possible, code to reproduce the vulnerability.
That code will be the basis for the fix.
Please send reports to edward@frakkingsweet.com and antoine@aaubry.net instead of directly opening an issue detailing the finding.
We will reach out and let you know when it's appropriate to open that issue and post that information.
Most likely, though, the reproduction will end up in a unit test, and the details will be included in the PR for the vulnerability.
Reports will be investigated and responded to promptly.