# Security Policy ## Supported Versions Security fixes are handled on the latest published major version. ## Reporting a Vulnerability Please do not report security vulnerabilities through public GitHub issues. Use GitHub's private vulnerability reporting for this repository if it is available. If it is not available, contact the maintainer through GitHub and include enough detail to reproduce the issue safely. Reports should include: - The affected package version. - A minimal reproduction or proof of concept. - The expected impact. - Any known mitigation. The maintainer will review the report and coordinate a fix before public disclosure.