We take security very seriously. We welcome any peer review of our 100% open source code and dependencies to ensure nobody's use of the application is ever compromised or hacked.
In order to give the developers time to respond and upgrade we strongly urge you report all security issues privately. Please email us directly at protect.github@gmail.com
with details and steps to reproduce. Security issues take precedence over bug fixes and feature work.