If you discover a security vulnerability in the @sse-auth/react package, please report it as soon as possible. We take security seriously and appreciate your help in keeping our package safe.
-
Email: Send an email to security@sse-auth.org with the following information:
- A detailed description of the vulnerability.
- Steps to reproduce the issue.
- Any relevant logs or screenshots.
- Your contact information (optional).
-
Confidentiality: Please do not disclose the vulnerability publicly until it has been addressed.
We will respond to your report within 48 hours and will provide a timeline for addressing the issue. Security updates will be released as soon as possible, and we will notify all users of the package through the following channels:
- GitHub Releases
- Email notifications (if subscribed)
- Updates in the README file
To enhance the security of your application using @sse-auth/react, consider the following best practices:
- Always use the latest version of the package.
- Regularly check for security advisories related to dependencies.
- Review and audit your code for security vulnerabilities.
We thank all security researchers and users who report vulnerabilities responsibly. Your contributions help make the @sse-auth/react package more secure for everyone.
This security policy is licensed under the MIT License.