brackson
commented
11 months ago Hi, it's been a while since you posted this. If this is a serious security vulnerability and you're getting no response, it might be worth it to follow this guide for repository security advisories.
The project doesn't have a security policy defined.
Assume that I have found a security vulnerability. Where can I report it? :)