These are the versions that are currently being supported with security updates.
| Version | Supported |
|---|---|
| 0.4.x | ✅ |
If you believe you've found a security vulnerability in this package, please follow these steps to report it responsibly:
-
Privately Notify the Maintainers: Do not disclose the vulnerability publicly. Instead, email the maintainers directly at [[email protected]] with details of the vulnerability. Please include the word "SECURITY" in the subject line.
-
Provide Detailed Information: When reporting the vulnerability, include as much detail as possible, including:
- Description of the vulnerability
- Steps to reproduce the vulnerability
- Affected versions of the package
- Any potential impact or exploit scenarios
-
Be Patient: We take security vulnerabilities seriously and will investigate promptly. You can expect an initial response within 1 day acknowledging your report and outlining the next steps in the process.
-
Cooperate Confidentially: If we confirm the vulnerability, we may request further information or assistance from you. Please cooperate with us confidentially throughout the process.
-
Public Disclosure: Once a fix is available, we'll work with you to determine an appropriate timeline for public disclosure. This ensures that users have enough time to update their systems before details of the vulnerability are made public.
Thank you for helping to keep our package and its users safe!