Please report security vulnerabilities to security@rayne.page. Do not use GitHub's public issue tracker.

Security is an important aspect in the development of Nekomide, and it is greatly appreciated that you are taking the time to report a security vulnerability responsibly.

Once a repository maintainer receives an email, they will do their best to respond to your email within 48 hours. If a maintainer doesn't respond within this time, post a GitHub issue asking a maintainer to view your report, but do not post any important details.

Once acknowledged by repository maintainers, work will be done to patch the reported vulnerability as soon as possible. Once a patch is published, an announcement of the vulnerability will be posted on the repository, and a popup will appear on affected versions asking to update.