## Reporting a Vulnerability

If you think you have found a vulnerability, _please report responsibly_.
Don't create GitHub issues for security issues.
Instead, send an email to cedric dot ronvel at gmail dot com and I will look into it as soon as possible.

**A note for bounty hunters:** I should mention that I *usually* prefer to fix security issues by myself,
because it could involve rethinking API or fixing it / working around it in a way only an official maintainer can do it.
I want to avoid people getting frustrated: **don't work on a fix before getting in touch with me**.