Skip to content

Security: btravstack/unthrown

Security

SECURITY.md

Security Policy

Supported versions

unthrown and the @unthrown/* packages are released together from this monorepo. Security fixes land on the latest published version; please upgrade to the latest release before reporting.

Reporting a vulnerability

Please do not open a public issue for security vulnerabilities.

Report privately through one of:

  • GitHub Security Advisoriesopen a private report (preferred; keeps the discussion and fix coordination in one place).
  • Emailbtravers.pro@gmail.com.

Please include:

  • the affected package and version,
  • a description of the issue and its impact,
  • and a minimal reproduction if possible.

What to expect

  • Acknowledgement of your report as soon as it is triaged.
  • An assessment of the impact and affected versions.
  • A coordinated fix and release, with credit to you in the advisory unless you prefer to remain anonymous.

Thank you for helping keep unthrown and its users safe.

There aren't any published security advisories