List of the versions of the project that are currently being supported with security updates:

Security vulnerabilities are taken seriously. Efforts to responsibly disclose your findings are appreciated, and you can expect acknowledgment of your contributions.

To report a security vulnerability, please use the GitHub Security Advisory section.

You will then receive a response indicating the next steps in handling your report. After the initial reply to your report, you will be keep informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.

Report security vulnerabilities in third-party modules to the person or team maintaining the module. You can also report a vulnerability through the npm contact form by selecting "Report a security issue or abuse".