The Theoria maintainers take security issues seriously. We appreciate responsible disclosure.
Please DO NOT create public GitHub issues for security vulnerabilities.
Email security concerns to: security@scenesystems.io
You may also use the GitHub Security Advisory "Report a Vulnerability" tab.
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact assessment
- Any proof-of-concept code (if applicable)
| Phase | Timeline |
|---|---|
| Acknowledgment | Within 48 hours |
| Initial assessment | Within 7 days |
| Resolution | Based on severity |
We will respond with next steps and keep you informed of progress towards a fix. Please do not post security issues in public GitHub Issues, Pull Requests, or social media until disclosure is complete.
Report security bugs in third-party modules to the person or team maintaining the module. You can also report a vulnerability through the npm contact form by selecting "I'm reporting a security issue".