We take security bugs in our projects seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

To report a security issue, you can use one of the following methods:

1. GitHub Security Advisory — use the Report a Vulnerability button under Security > Report a Vulnerability in the affected repository.

2. Contact form — reach out via markbattistella.com/contact.

3. Social media — send a direct message on Mastodon or Bluesky.

After the initial reply to your report, we will aim to keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.

If you find a security bug in a third-party module that we use, please report it to the person or team maintaining that module.

To learn more about securing your application, consider the following resources:

• Mozilla Developer Network (MDN) Web Security
• Security Best Practices on GitHub

We are committed to ensuring the security and privacy of our users. Thank you for helping us achieve this goal.