Thanks for your interest in making software safer for everyone.

The source code in this repository is provided as a reference implementation or supplemental material for a companion article. It is not intended for production use or for handling sensitive information. If you plan to adapt any of the concepts from this repository or the companion article, it is strongly recommended that you perform appropriate reviews and threat modeling to identify potential vulnerabilities within the reference code or your own implementation.

The repositories of this organization are written with security in mind; however, this is not a substitute for conducting your own threat modeling and risk assessment.

If you believe you've discovered a security vulnerability in any repository owned by this organization, you're welcome to disclose it publicly through any channel of your choice.

To help others understand and resolve (or avoid) the issue, please include as much of the following information as possible:

• The type of issue (e.g., misconfiguration, broken access control, insecure design)
• Full paths of source file(s) where the issue appears
• The location of the affected source code (tag/branch/commit or direct URL)
• Any special configuration required to reproduce the issue
• Step-by-step instructions to reproduce the issue
• Proof-of-concept or exploit code (if available)
• The impact of the issue, including how an attacker might exploit it