Google Git
Sign in
flutter/third_party/tinygltf/refs/heads/copilot/remove-security-md-and-section^!/.
commit
e8e41ae6948b3a06af32363882cfdaa95454b77b
[log]
author
copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Tue Jun 02 16:16:34 2026 +0000
committer
GitHub <noreply@github.com>
Tue Jun 02 16:16:34 2026 +0000
tree
5abe2e93ce1d5301e6f3ba8bc2dc2a587fea4848
parent
3e283c05d589e06505a8eaaadeab02150bb42998 [diff]
Tighten README security wording

diff --git a/README.md b/README.md
index 91535e5..8c6cd66 100644
--- a/README.md
+++ b/README.md

@@ -19,7 +19,7 @@
 - **No RTTI, no exceptions required** — suitable for embedded and game-engine use.
 - **Opt-in filesystem and image I/O** — `TINYGLTF3_ENABLE_FS` / `TINYGLTF3_ENABLE_STB_IMAGE` are off by default; you control when and how assets are loaded.
 - **C++20 coroutine facade** (optional, auto-detected). C17/C++17 default.
-- **Hardened against untrusted input** — URI sanitization, post-parse index-bounds validation (default-on, opt-out via `tg3_parse_options.validate_indices = 0`), strict numeric range checks; exercised by a libFuzzer harness and by a cross-version verifier that compares parsed output against the v1 C++ reference loader.
+- **Hardened against untrusted input** — URI sanitization, post-parse index-bounds validation (default-on, opt-out via `tg3_parse_options.validate_indices = 0`), strict numeric range checks; exercised by a libFuzzer harness and by a cross-version verifier that compares parsed output against the v1 C++ reference loader. See the `Security Considerations` block at the top of `tiny_gltf_v3.h`.
 
 ### Quick start (v3)