We release updates for the following versions of the package:

If you discover a security vulnerability, please report it to us privately. You can do so by creating a private issue on GitHub. We will respond to your report within 5 business days.

Please do not disclose the vulnerability publicly until we have had a chance to address it.

We will issue security updates as needed. These updates will be documented in the release notes and will be available through the usual channels (GitHub releases and the npm registry).

To ensure the security of your application, we recommend the following best practices:

• Keep your dependencies up to date.
• Regularly audit your dependencies for known vulnerabilities using tools like npm audit.
• Follow the principle of least privilege when configuring your application and its dependencies.

This is an open-source project, as such we do not have a dedicated security team. If you have any questions or concerns regarding security, please contact us by creating an issue on GitHub.