If you find a security vulnerability, do not open an issue or pull request, contact the maintainers directly.