The following versions are supported with security updates:
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
| 0.x.x | ✅ |
If you discover a security vulnerability, please report it to us. We take all security vulnerabilities seriously and will address them promptly.
- GitHub Security Advisories: Report the vulnerability via our GitHub Security Advisories page.
- Details: Include as much information as possible about the vulnerability. This should include:
- Steps to reproduce the vulnerability
- Potential impact of the vulnerability
- Any possible fixes or workarounds
- We will acknowledge your report within 48 hours.
- We will investigate the issue and provide an initial response within 5 business days.
- We aim to provide a fix for the vulnerability promptly, typically within 30 days.
We will publish a summary of the vulnerability and its resolution once the fix has been deployed. If you prefer, we will credit you with the discovery of the vulnerability.
To ensure the security of our wiresense.js library, we use the following tools and practices:
- Depfu: Automated dependency updates.
- Dependabot: Alerts us to potential security vulnerabilities in our dependencies.
- GitHub Code Scanning: Identifies potential security vulnerabilities in our codebase.
- GitHub Secret Scanning: Detects and alerts on the presence of secrets within our repository.
For further queries or concerns, please contact us via email
Thank you for helping us keep our application secure!