Security updates are provided for the latest state of the default branch (main or master).
Please do not open a public issue for sensitive reports.
Preferred path:
- Open a private GitHub security advisory for this repository.
- Include reproduction steps, impact, and any proof-of-concept details.
If private advisory tools are not available, contact the repository owner directly and share the report privately.
- Do not commit API keys, tokens, credentials, or private keys.
- Redact personal identifiers and infrastructure details from screenshots before commit.
- Run secret scans before release:
trufflehog filesystem . --only-verified
trufflehog git file://. --only-verified