We actively support the following versions of api-response-shaper
with security updates:
Version | Supported |
---|---|
1.1.0 | ✅ Fully supported |
1.0.0 | ✅ Supported |
We take security issues seriously. If you find a vulnerability in api-response-shaper
, please report it confidentially. Here are the steps to report security vulnerabilities:
- Email: Please send an email to [email protected] with a detailed description of the vulnerability.
- Details: In your email, include the following details:
- Description of the vulnerability.
- Potential impact and severity.
- Steps to reproduce the issue.
- Any other relevant information, such as proof of concept or screenshots.
We will:
- Acknowledge your report within 2 business days.
- Work with you to understand and resolve the issue as quickly as possible.
- Provide an estimate of when a patch will be available and credit you (if desired) in the changelog.
When a vulnerability is confirmed:
- We will create a fix and apply it to all actively supported versions of
api-response-shaper
. - A new release with the security fix will be published, and the vulnerability will be disclosed in the changelog or via a security advisory.
- We may delay the disclosure of details about the vulnerability until a sufficient number of users have updated to the patched version.
- Keep your
api-response-shaper
package up to date with the latest versions to ensure you benefit from the latest security fixes. - Follow our changelog for announcements regarding security fixes.
- Ensure that your logging configuration is secure and does not expose sensitive information in log files.
We strongly encourage responsible disclosure and will work to fix issues in a timely manner. We appreciate any effort to help make api-response-shaper
more secure for all users.
Thank you for helping us improve the security of api-response-shaper
!