If you think you have identified a security issue, please do not open a public issue.
Use GitHub Private Vulnerability Reporting if possible. Click Security then Report a vulnerability to report.
If private reporting is unavailable, contact the maintainers at isaac@dspy.ai.
Include enough detail for the maintainers to reproduce, validate, and assess the report, and redact any secrets before sharing a report.
We aim to acknowledge reports as fast as possible and coordinate a fix. The resolution times are best-effort, and will vary based on the reported severity and complexity.
Please avoid publicly disclosing a vulnerability until the maintainers have had a reasonable opportunity to investigate and remediate it.