If you believe you've found a security vulnerability in ezpz, please report it privately — do NOT file a public issue.

The preferred channel is GitHub's private vulnerability reporting, which keeps the report visible only to repo maintainers until a fix is ready.

If you can't use that channel, email the maintainer: saforem2 [at] gmail.com.

You can expect an acknowledgement within ~1 week. Please give us a reasonable window to ship a fix before any public disclosure.

Only the latest minor release receives security updates. Older releases (< 0.18.x) are not maintained.