The following table lists the supported versions and their status. I aim to address security vulnerabilities in supported versions as quickly as possible.
| Version | Supported |
|---|---|
| 1.0 | ✅ |
I take the security of my code seriously. If you discover a security vulnerability, I appreciate your help in disclosing it responsibly. Please report any vulnerabilities by following the guidelines below:
- Do not open a public issue on GitHub if the vulnerability may cause a security risk to others.
- Email me at
[email protected]with the details of the vulnerability. Include:- A description of the vulnerability and its potential impact.
- Steps to reproduce the vulnerability, including code snippets if applicable.
- Any potential mitigations or workarounds.
- This is to only report security vulnerabilities, NOT to report bugs. To report bugs, uses the Issues tab.
I will take an action on your report within 5 business days. During the investigation, I may ask for additional information to help understand and resolve the issue. Once the vulnerability is confirmed, I will take appropriate measures to address it as swiftly as possible.
To protect the users of this repository, I follow a responsible disclosure process. This means:
- I will confirm and fix vulnerabilities before publicly disclosing them.
- If a patch is required, I will release it before publicly announcing the vulnerability.
- I will acknowledge the reporter's contributions, respecting their anonymity if requested.
While using the examples in this repository, I encourage users to:
- Regularly update their dependencies to avoid vulnerabilities.
- Avoid hardcoding sensitive information such as passwords or API keys in the code.
- Follow secure coding practices, especially if adapting the code for production use.