The Proyecto 26
team and community take all security bugs in nativescript-inappbrowser
seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.
The Proyecto 26
team will send a response indicating the next steps in handling your report. After the initial reply to your report, the security team will endeavor to keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.
Report security bugs in third-party modules to the person or team maintaining the module.
When the security team receives a security bug report, they will assign it to a primary handler. This person will coordinate the fix and release process, involving the following steps:
- Confirm the problem and determine the affected versions.
- Audit code to find any potential similar problems.
- Prepare fixes for all releases still under maintenance. These fixes will be released as fast as possible.
If you have suggestions on how this process could be improved please submit a pull request.
Thank you for making the world a better place for everyone! π