We provide security updates for the latest published version of this package:
| Version | Supported |
|---|---|
latest (npm) |
✅ |
| older versions | ❌ |
If you’re using an older version, we highly recommend updating to the latest version available on npm.
If you discover any security vulnerability in ForPromise, please report it responsibly and privately.
To report a vulnerability, use one of the following methods:
- 📧 Email:
tiny@puddy.club - 🛡️ GitHub Security Advisories: Use the "Report a vulnerability" feature on the repository page.
We ask you not to disclose vulnerabilities publicly before we have had a chance to investigate and release a fix.
We aim to respond to valid reports within 72 hours and will try to release a fix within 7 working days, depending on complexity and impact.
- You report a security issue privately.
- We confirm the vulnerability and begin internal investigation.
- A patch is prepared, tested, and released.
- A public disclosure and GitHub Security Advisory may be published.
- If you request it, we will credit you as the reporter (unless anonymity is preferred).
Thanks for helping us make forPromise a safer and more reliable project! 💙
Your contribution to open-source security matters.