• We aim to keep project dependencies up to date with Github's Dependabot feature, acting on any relevant security notices published to the repo

• We aim to frequently use go mod tidy to limit dependencies to the bare necessities

• This repo has Github's CodeQL analysis enabled as part of the CI checks on all PRs

Please report any security vulnerabilities found to echo <name of this repo> | sed 's/-//g, at gmail.com