We include only the essential dependencies to minimize the chance of a supply-chain attack. To ensure that we don’t expose ourselves to that vulnerability, all commits will be scanned by OpenSSF Scorecard during PR reviews, upon merging to the master branch, and on a weekly basis (every Tuesday).
Currently, only the latest version and master branch will be supported. See Releases.
Please Report a vulnerability if you find any security issue in this repository.