We take security issues in our project seriously and appreciate the efforts of the community in improving the security of our project.

To report a security issue, please email allaboutolaf@frogpond.tech with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Our team will respond within 3 working days of your email. If the issue is confirmed as a vulnerability, we will open a Security Advisory. This project follows a 90 day disclosure timeline.

Thank you for your contribution to the security of this project.