| Version | Supported |
|---|---|
| 1.x | Yes |
| < 1.0 | No |
Do not open a public issue for security vulnerabilities.
- Go to Security Advisories
- Click "Report a vulnerability"
- Fill in the details
Send a direct message to @bntvllnt with:
- Description of the vulnerability
- Steps to reproduce
- Impact assessment
- Acknowledgment: within 48 hours
- Initial assessment: within 1 week
- Fix release: within 2 weeks for critical/high severity
This package is an ESLint configuration — it runs at development time only, not in production. Vulnerabilities in transitive dependencies are tracked and patched promptly (see #11 for precedent).