Skip to content

Latest commit

 

History

History
33 lines (21 loc) · 1.44 KB

SECURITY.md

File metadata and controls

33 lines (21 loc) · 1.44 KB

Security Policy

Supported Versions

Only the latest version of node-zendesk is currently being supported with security updates.

Version Supported
latest
< latest

Reporting a Vulnerability

If you believe you've found a security vulnerability in node-zendesk, please send an email to blakmatrix@gmail.com detailing the suspected issue. Do not open a public GitHub issue if the bug is a security vulnerability.

What to include in your report

To help us understand the scope and impact of the security issue, please include as much detail as possible. This might include:

  • Steps to reproduce the issue, ideally a minimized test case.
  • Your expected result.
  • Your observed result.

What to expect

After you've submitted a vulnerability report:

  • We will acknowledge receipt of your vulnerability report.
  • We'll do our best to validate the reported vulnerability.
  • If valid, please understand that node-zendesk is a labor of love and maintained without any sponsorship(yet). While we always aim to address vulnerabilities as quickly as possible, it might take some time depending on the availability of maintainers.
  • Once resolved, we will provide an update on the report and possible mention in release notes (if you agree).

Thank you for helping to improve node-zendesk and for your patience.