We actively support and provide security updates for the following versions:
| Version | Supported |
|---|---|
| 1.0.4 | β Yes |
| 1.0.3 | β No |
Please upgrade to the latest version to ensure security and stability.
If you discover a security vulnerability, DO NOT create a public issue. Instead, please follow these steps:
- Email us at [shashanklhr@gmail.com] with the subject "[SECURITY] Vulnerability Report".
- Provide a detailed description of the issue, including steps to reproduce.
- Allow us at least 72 hours to assess and respond before public disclosure.
To keep your implementation secure, follow these best practices when using this library:
- βοΈ Keep dependencies up to date β Regularly update the package to the latest version.
- βοΈ Avoid storing sensitive data β Do not use
localStorage,sessionStorage, or cookies for storing credentials or personal data. - βοΈ Use HTTPS β Ensure your application runs over HTTPS to prevent man-in-the-middle attacks.
- βοΈ Enable Content Security Policy (CSP) β Restrict sources of executable scripts to mitigate XSS attacks.
- If a security vulnerability is confirmed, we will prioritize its resolution and release a patched version as soon as possible.
- Security patches will be backported only to supported versions listed above.
- If a critical issue arises, users will be notified via GitHub issues and release notes.
We appreciate the efforts of security researchers and developers who help keep this project secure. Thank you for your contributions!