If you discover a vulnerability, we would like to know about it so we can take steps to address it as quickly as possible. We request that you please follow these guidelines:

• E-mail the lead maintainer directly, providing as much relevant information as possible about the vulnerability.
• Do not publicize the issue until we have had a chance to address it.
• Expect a response within 48 hours, and if you haven’t heard from us, please follow up!

We take all disclosures very seriously and will make every effort to quickly correct any vulnerabilities. To encourage responsible reporting, we will not take legal action against you nor ask law enforcement to investigate you providing you comply with current laws and follow the above guidelines.