Do not open a public issue for suspected vulnerabilities.
Send reports to dirk@stoffberg.dev or use GitHub private vulnerability reporting on the affected repository when it is available.
Include:
- The affected repository and version or commit.
- Clear reproduction steps.
- Impact and any known workaround.
- Whether the issue is already public.
Active public repositories in this organization are supported unless a repository says otherwise.