mirror of
https://github.com/acamarata/hijri-core.git
synced 2026-07-01 03:04:29 +00:00
26 lines
712 B
Markdown
26 lines
712 B
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
| Version | Supported |
|
|
| --- | --- |
|
|
| 1.x | Yes |
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
Do not open a public GitHub issue for security vulnerabilities.
|
|
|
|
Email: aric.camarata@gmail.com
|
|
|
|
Include:
|
|
|
|
- A description of the vulnerability
|
|
- Steps to reproduce
|
|
- Potential impact
|
|
- Any suggested fix, if you have one
|
|
|
|
You will receive an acknowledgment within 48 hours and a resolution timeline within 7 days.
|
|
|
|
## Scope
|
|
|
|
This package is a pure computation library. It performs no network requests, reads no files, and holds no credentials. All calendar conversion logic is deterministic arithmetic. The primary security concern would be a supply-chain compromise of the npm package.
|