# Security

Please file a private vulnerability report via GitHub, email [@ljharb](https://github.com/ljharb), or see https://tidelift.com/security if you have a potential security vulnerability to report.

## Incident Response Plan

Please see our [Incident Response Plan](https://github.com/ljharb/.github/blob/main/INCIDENT_RESPONSE_PLAN.md).

## Threat Model

Please see [THREAT_MODEL.md](./THREAT_MODEL.md).