We maintain the latest main branch. Older tags may not receive patches.

• Please email a private report to the maintainers or use your preferred coordinated disclosure channel.
• Include reproduction steps, impact, and affected components.
• We aim to acknowledge within 3–5 business days.

We rely on third-party packages (FastAPI, Celery, scikit-learn, Optuna, etc.). If the issue is upstream, please also report it to the upstream project.