This is my personal site but if you find a bug and would like to disclose it, please file a new issue, or report the bug privately via GitHub, or let me know somehow, email me for example.

If the bug report is valid, I'll fix the bug as soon as possible. General speaking, the fix should be available within 30 days, but usually it will be much sooner.

I don't offer bounties for security bugs but I'll buy you a beer or make a donation to a charity of your choice (which you can then match if you want).

You can find my contacts for example in security.txt (what's that?) or elsewhere.