Please file a private vulnerability report via GitHub, email @ljharb, or see https://tidelift.com/security if you have a potential security vulnerability to report.
Please see our Incident Response Plan.
Please see THREAT_MODEL.md.