Do not open a public GitHub issue for security-sensitive reports.
Email hello@delega.dev with:
- A clear description of the issue
- Steps to reproduce it
- The affected version or commit, if known
- Any suggested mitigation or fix
Use a subject line like Security report: delega-cli.
We will acknowledge receipt and work on triage privately.
Security fixes are applied to the latest published release and the current main branch.