The current state of the project is still far away from a productive state. There are a bunch of known missing checks and security topics. Because this is still a single-person side-project and so there is only a limited amount of time available at the moment. Some security topics are still not fixed now, because they will be fixed by other planned changes in the near future anyway or because the changes required to fix the problem are bigger and have to be delayed because of lower priority, because the project still doesn't seems to be used by other people.
But if you are interested in this project and find some critical security vulnerabilities, then please report them to
so I can keep track of them and try to fix them as fast as possible.
For non-critical security issues you can also open a QA-issue within the project and add the Security
-label to it.