| Version | Supported |
|---|---|
| 0.1.x | Yes |
Only the latest release receives security updates.
Do not open a public issue for security vulnerabilities.
Use GitHub's Private Vulnerability Reporting:
- Go to the Security tab of this repository
- Click "Report a vulnerability"
- Fill in the details
- Acknowledge: Within 72 hours
- Assessment: Within 1 week
- Patch (critical): Within 30 days
- Patch (non-critical): Next scheduled release
- Security advisory published on GitHub
- Reporter credited (unless they prefer anonymity)
- Fix noted in CHANGELOG.md
This policy covers the @openeudi/core npm package. For issues in dependencies, please report to the respective maintainers.