I cannot find any documentation on how to report security issues for this project.
Ideally, they should be reported in confidence to the maintainers. A direct message, however, seems inappropriate and could potentially get lost.
I'm honestly a bit surprised that GitHub doesn't have a mechanism that allows someone to create a security issue for a project that only the OP and maintainers can view.
Is there another service this project uses for reporting security issues that just isn't documented?
I cannot find any documentation on how to report security issues for this project.
Ideally, they should be reported in confidence to the maintainers. A direct message, however, seems inappropriate and could potentially get lost.
I'm honestly a bit surprised that GitHub doesn't have a mechanism that allows someone to create a security issue for a project that only the OP and maintainers can view.
Is there another service this project uses for reporting security issues that just isn't documented?