If you discover a security vulnerability in blit-tech, please report it responsibly.

Do not open a public issue. Instead, email the maintainers directly or use GitHub's private vulnerability reporting.

We will acknowledge receipt within 48 hours and provide a timeline for a fix. Once resolved, we will credit you in the release notes (unless you prefer to remain anonymous).

blit-tech is a client-side WebGPU rendering library. Security concerns are primarily:

• Supply chain (dependencies)
• Build pipeline integrity
• WebGPU resource handling