The following versions of the get_time_ago
package are currently being supported with security updates:
Version | Supported |
---|---|
2.x.x | ✅ |
1.3.x | ✅ |
1.2.x | ❌ |
0.x.x | ❌ |
If you are using an older, unsupported version, we recommend upgrading to the latest version to benefit from security fixes.
We take security issues seriously. If you discover any security vulnerabilities or potential issues in the package, please report them to us privately to allow us to investigate and address the issue before it is publicly disclosed.
- Email: [
[email protected]
,[email protected]
] - Subject: Security Issue in
get_time_ago
Package - Information to include:
- A description of the vulnerability
- Steps to reproduce (if applicable)
- The impact of the vulnerability
- Any potential fixes or patches
Please do not publicly disclose security vulnerabilities until we have confirmed and addressed them. We will work quickly to investigate and fix the issue.
We aim to respond to vulnerability reports within 48 hours and will work closely with you to understand and resolve the issue as quickly as possible.
When using the package in your project, consider the following security best practices:
-
Keep the package up to date:
Always use the latest version of the package to ensure you have the most recent security fixes and updates. -
Review dependencies:
Ensure that all other dependencies in your project are up-to-date and free from vulnerabilities. Use tools likepub outdated
to identify and update outdated packages.
We commit to regularly reviewing and updating the package with necessary security patches. Critical security vulnerabilities will be patched and released as soon as possible. If a critical fix is required, we will:
- Prioritize the vulnerability fix
- Release a patch version immediately
- Notify users through the release notes and the changelog
By adhering to these guidelines, you help ensure a more secure experience when using the get_time_ago
package.