We take the security of the JavaScript Code Challenges project seriously. If you believe you have found a security vulnerability, please report it to us as described below.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report them via one of the following methods:
- GitHub Security Advisories: Use the GitHub Security Advisory feature
- Email: Contact the project maintainer directly through their GitHub profile
Please include the following information in your report:
- Type of vulnerability
- Location of the affected source code (file path, line numbers, etc.)
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the vulnerability
- Suggested fix (if you have one)
- We will acknowledge receipt of your vulnerability report within 48 hours
- We will provide a more detailed response within 5 business days
- We will work with you to understand and validate the issue
- We will take action to fix confirmed vulnerabilities
- We will publicly acknowledge your responsible disclosure (if you wish)
We release patches for security vulnerabilities in the following versions:
| Version | Supported |
|---|---|
| latest | ✅ |
| < latest | ❌ |
When contributing to this project:
- Keep dependencies up to date
- Do not commit sensitive information (API keys, credentials, etc.)
- Follow secure coding practices
- Review code changes carefully before submitting PRs
- Report any suspicious activity or potential security issues
Thank you for helping keep JavaScript Code Challenges and its users safe!