Tupper is pre-1.0; security fixes are applied to the latest published release.
Please do not open a public issue for security vulnerabilities.
Report privately using GitHub's private vulnerability reporting (the Security tab → Report a vulnerability), or email uzair.hussain10@gmail.com.
Please include:
- the affected package and version,
- a description of the issue and its impact,
- steps to reproduce or a proof of concept.
We aim to acknowledge reports within 72 hours and to provide a remediation timeline after triage. We'll coordinate a disclosure date with you and credit you in the release notes unless you prefer otherwise.