Only the latest version of the library is supported.
We ask to report any security vulnerabilities or flaws through:
- Github, in the "Security" tab, using the "Report a vulnerability" button.
- Email, security@dfns.co
After receiving the report, it will take us up to 2 working days to respond. We will evaluate the reported vulnerability, determine whether it needs to be addressed, and (if so) and provide an estimated timeline for addressing it.
After vulnerability was fixed and the new version of the library was properly tested, we publish the fix, and publicly disclose the vulnerability (credits for finding the issue go to the reporter).