As this is currently a volunteer/passion project, there are no guarantees on how security matters are handled, both in terms of response times and creation of patches.

This library being marked at major version 1 means that the API is not due for large changes and is somewhat stable; that does not mean it is 100% secure. No professional security audit has been made.

You are encouraged to publicly share security vulnerabilities in GitHub issues. If you personally believe a vulnerability you found here impacts another project to the extent of being disastrous when disclosed publicly, a private disclosure can be made through the GitHub Security tab on this repository. However, as stated before, there are no guarantees on how or whether it is handled.