Only the latest main branch is considered supported.
Do not open public issues for vulnerabilities that could expose developer machines, local credentials, Docker contexts or profile contents.
Instead, report the issue privately to the maintainer with:
- a short description of the impact
- reproduction steps
- affected files or commands
- any mitigation you already validated
The project aims to acknowledge reports promptly and ship a fix or mitigation as soon as practical.