Skip to content

Security: wix-incubator/jest-metadata

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
1.0.x
1.0.0-beta.x

Reporting a Vulnerability

We take the security of jest-metadata seriously. If you have discovered a security vulnerability, we appreciate your help in disclosing it to us in a responsible manner.

How to Report

Please do not report security vulnerabilities through public GitHub issues.

  • Via Email: Send an email to [email protected]. If possible, encrypt your message with our PGP public key to keep the information secure.

What to Include

Please provide detailed information about the vulnerability, including:

  • Description of the vulnerability
  • Potential impact if it was exploited
  • A detailed reproduction case, preferably with code examples and/or screenshots

Expectations

  • We will acknowledge receipt of the vulnerability report and send an initial response within 2 weeks.
  • We will keep you informed of the progress towards fixing the vulnerability.
  • We will mention your contribution when we fix the vulnerability (unless you prefer to remain anonymous).

Safe Harbor

Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not pursue legal action against you.

Public Disclosure

Please refrain from sharing about the vulnerability until we have resolved it, to ensure that users have ample opportunity to update and are not unnecessarily put at risk.

Thank You

We are deeply grateful to all the conscientious users who help us ensure the security and privacy of jest-metadata users.

There aren’t any published security advisories