Skip to content

Security: rgrove/sanitize

SECURITY.md

Security Policy

Supported Versions

The most recent major version of Sanitize will receive security updates when necessary. Updates may be made available for older versions on a case by case basis, but this will typically depend on community contributions since maintainer time is limited and backporting changes to older versions can be challenging.

Reporting a Vulnerability

To report a security vulnerability in Sanitize, please email [email protected]. Please don't PGP-encrypt your email; that's not necessary, and encrypted emails will not be read.

Expect an acknowledgement of your report within 48 hours. If the vulnerability is confirmed, every effort will be made to release a fix as soon as is practical depending on the severity and complexity of the issue. Once a solution is available, the vulnerability will be publicly disclosed and (if desired) you will be credited for finding and reporting it.

Learn more about advisories related to rgrove/sanitize in the GitHub Advisory Database