Security fixes are accepted for the latest release tag and the main branch.
Report security issues privately through GitHub Security Advisories for this repository when available. If advisories are unavailable, open a minimal issue that states a private report is needed without publishing exploit details.
Include:
- affected version or commit
- operating system and Qt version
- reproduction steps
- expected impact
- whether the issue also exists in the Python reference project
Do not publish proof-of-concept exploit code in public issues before a fix is available.