Only the latest major version of each project receives security fixes.
Please do not open a public issue for security vulnerabilities.
Report privately via one of:
- GitHub Security Advisories — open a private advisory on the affected repository (
Security→Report a vulnerability) - Email — chat@marcoboffo.me
Include a description of the issue, steps to reproduce, and any relevant context. You can expect an acknowledgement within 72 hours and a resolution timeline after triage.