# Security policy

Report suspected vulnerabilities according to [Astral's security policy](https://github.com/astral-sh/.github/blob/main/SECURITY.md).

For this repository's security boundaries and reporting criteria, see the [setup-uv threat model](docs/threat-model.md).