If you discover a security vulnerability, please report it privately via email to theo@zrz.io.

Do not open a public GitHub issue for security vulnerabilities.

You should expect an initial response within 72 hours. Once confirmed, a fix will be prioritized and released as soon as practical.

Only the latest release is supported with security updates.