Do not open a public issue for security vulnerabilities.

Please report security issues via GitHub Security Advisories.

Include:

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

You can expect an initial response within 72 hours. We will work with you to understand and address the issue before any public disclosure.

This policy covers the hono-idempotency npm package. Vulnerabilities in dependencies should be reported to the respective maintainers.