Skip to content

Security: NGXSMK/ngxsmk-ui-kit

Security

SECURITY.md

Security Policy

Thank you for helping to keep NGXSMK UI Kit and its users secure! We take all security vulnerabilities seriously and appreciate your efforts to report them responsibly.

Supported Versions

We actively support and provide security updates for the following versions:

Version Supported
1.3.x ✅ Yes
1.2.x ✅ Yes
< 1.2.x ❌ No

Reporting a Vulnerability

If you discover a security vulnerability, please report it privately:

  1. Do Not Open a Public Issue: To protect users, please do not disclose the vulnerability in public GitHub issues, pull requests, or discussion forums until a fix is released.
  2. Preferred Method: Use the GitHub Security Advisories interface to create a private communication channel between you and the maintainers.
  3. Email Option: If you are unable to use the GitHub Advisories feature, email ngxsmk@gmail.com with a detailed description of the issue.

Please Include:

  • A detailed description of the vulnerability.
  • Steps to reproduce the issue (including sample code or configuration where applicable).
  • The affected versions of the library.
  • Any potential impact or known mitigations.

Our Response Process

Once a vulnerability report is received, we commit to the following response process:

  • Acknowledgment: We will acknowledge receipt of your report within 48 hours.
  • Triage & Investigation: We will investigate the issue and determine the appropriate fix. We may contact you for additional information if needed.
  • Fix & Release: We will work to resolve the vulnerability as quickly as possible. A patch will be backported to all supported versions.
  • Disclosure: Once the patch is available, we will release a security advisory and credit you for the discovery (unless you prefer to remain anonymous).

Thank you for your cooperation in protecting the community!

There aren't any published security advisories