To report a security issue, please email stevehu@gmail.com with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Our vulnerability management team will acknowledge receiving your email within three working days. This project follows a 90-day disclosure timeline.