PLEASE DON'T DISCLOSE SECURITY-RELATED ISSUES PUBLICLY, SEE BELOW.
If you discover a security vulnerability, please report it privately:
- GitHub Private Vulnerability Reporting (preferred) — go to the repository's Security tab and click "Report a vulnerability". This creates a private advisory visible only to maintainers and provides a structured workflow for triage, fix coordination, and CVE assignment.
All security vulnerabilities will be promptly addressed.
This policy applies to all repositories under the he4rt GitHub organization, unless a repository defines its own SECURITY.md.