This project is pre-release. Security issues may apply to all versions until a release policy is established.
Do not open public issues for vulnerabilities.
Use GitHub private vulnerability reporting once enabled, or contact the maintainers through the configured private channel.
Security work may include:
- Threat modeling
- Dependency and supply-chain review
- SBOM generation
- Secure CI/CD
- Secret scanning
- Vulnerability triage
- Incident response guidance
Security analysis in this repository is not a certification, homologation approval, or substitute for expert review.