Vulnerability Disclosure Policy
===============================

Please observe the standard best practices of responsible disclosure, especially considering that this is OSS.
See OWASP's disclosure `cheat sheet <https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html>`_.

Some basic rules:

- Keep it legal.
- Respect everyone's privacy.
- Contact the core maintainer(s) immediately if you discover a serious security vulnerability (imichael@pm.me for now).