mirror of
https://github.com/danielsogl/awesome-cordova-plugins.git
synced 2026-05-02 00:07:23 +08:00
Daniel Sogl
29 lines
968 B
Markdown
29 lines
968 B
Markdown
# Security Policy
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you discover a security vulnerability in Awesome Cordova Plugins, please report it responsibly.
|
|
|
|
**Do not open a public GitHub issue for security vulnerabilities.**
|
|
|
|
Instead, please send an email to the maintainer or use [GitHub's private vulnerability reporting](https://github.com/danielsogl/awesome-cordova-plugins/security/advisories/new).
|
|
|
|
### What to include
|
|
|
|
- Description of the vulnerability
|
|
- Steps to reproduce
|
|
- Affected versions
|
|
- Potential impact
|
|
|
|
### Response
|
|
|
|
You can expect an initial response within 72 hours. We will work with you to understand the issue and coordinate a fix before any public disclosure.
|
|
|
|
## Scope
|
|
|
|
This policy covers the `@awesome-cordova-plugins/*` TypeScript wrapper packages. For vulnerabilities in the underlying Cordova plugins themselves, please report to the respective plugin maintainers.
|
|
|
|
## Supported Versions
|
|
|
|
Only the latest major version receives security updates.
|