PLEASE DON'T DISCLOSE SECURITY-RELATED ISSUES PUBLICLY, SEE BELOW.

Please see our support policy for information on supported versions for security releases. Security fixes are not back-ported. Please make sure you are running at least the latest release version of dependency. Please remember that any dependency which is an Open Source library and is provided without any warranty. Before using dependency in a critical environment, you should satisfy yourself that it works correctly and securely for your needs.

If you believe or suspect you have identified a security vulnerability, please report it via the "Report a Vulnerability" button in Security Advisories. (Details)

We follow Coordinated Disclosure practices and ask that you do too.

Please provide as much detail as possible in your report, including the steps to reproduce the vulnerability and sample code.

Alternatively to using GitHub, or if you have a security question or If you discover a security vulnerability within dependency, please send an email to M. AsadUllah. All security vulnerabilities will be promptly addressed.

We take all vulnerability reports seriously and strive to fix them as quickly as possible. Once we receive a report, we will verify the vulnerability and its impact. We will then work to develop and test a fix for the vulnerability, and release it as soon as possible.

-----BEGIN PGP PUBLIC KEY BLOCK-----

-----END PGP PUBLIC KEY BLOCK-----