We welcome any reports of security vulnerabilities, and we will respond to you quickly to acknowledge receipt.
To report a vulnerability please email the maintainers using this link. This will also notify the security team for the main deployment of this software.
Please note that we do not offer any bug bounties and we do not participate in any bug programs. If your security report is validated by us, then we are happy to credit you publicly in our issue tracker, on request.