We actively support the following versions of Better Tables with security updates:

| Version | Supported |
|---|---|
| 0.5.x | Yes |

We take security vulnerabilities seriously. If you discover a security vulnerability, please follow these steps:
Security vulnerabilities should be reported privately to prevent exploitation.
The preferred method is to use GitHub's private security advisory system:
- Go to Security Advisories
- Click "Report a vulnerability"
- Fill out the form with details about the vulnerability
Please provide as much information as possible:
- Description: Clear description of the vulnerability
- Impact: What could an attacker do with this vulnerability?
- Steps to Reproduce: Detailed steps to reproduce the issue
- Affected Versions: Which versions are affected?
- Suggested Fix: If you have ideas for a fix, please share them
- Initial Response: Within 48 hours
- Status Update: Within 7 days
- Resolution: Depends on severity, but we aim for timely fixes
- We will acknowledge receipt of your report within 48 hours
- We will keep you informed of our progress
- We will notify you when the vulnerability is fixed
- We will credit you in the security advisory (unless you prefer to remain anonymous)
When using Better Tables:
- Keep dependencies updated: Regularly update @better-tables/core, @better-tables/ui, and adapters
- Review access controls: Ensure proper authentication and authorization in your applications
- Validate input: Always validate and sanitize user input before passing to table components
- Use HTTPS: Always use HTTPS in production environments
- Follow principle of least privilege: Grant minimum necessary permissions
Better Tables includes several security features:
- Input validation: Built-in validation for filter values and operators
- SQL injection protection: Adapters use parameterized queries
- XSS prevention: UI components sanitize output
- Type safety: TypeScript helps prevent many security issues
If you have questions about security in Better Tables, please:
- Open a Discussion
- Check our Documentation
Thank you for helping keep Better Tables secure! 🔒