The latest release on the default branch is supported for security fixes.

If you discover a security vulnerability, please do not open a public issue. Instead, contact the maintainer privately so we can fix the problem before disclosing it.

We aim to acknowledge reports within 72 hours and provide a fix within a reasonable timeframe, depending on severity.

Thanks for helping keep this project and its users safe.