Since there are nearly no development dependencies, and no code is run for users, we have no heavy weight security policy. In the off case you do find a security vulnerability:
- Open an issue for most cases;
- E-mail
jeroen [at] infi [dot] nl
in case it would not be responsible to publicly open an issue;
Note that for content of The Infi Way regarding the topic of Security, we recommend using the same approach as for all other content.