Please report security issues privately, not via public GitHub issues.

• Preferred: use GitHub's private vulnerability reporting for this repository (the Security tab, then Report a vulnerability), if enabled.
• Otherwise email holger.kreis@civicpatches.de.

Please do not include live tokens, API keys, or production credentials in your report. We aim to acknowledge reports within a few business days.

Security fixes are provided for the latest released version on the main branch.