aric/nrel-spa
1
0
Fork 0
mirror of https://github.com/acamarata/nrel-spa.git synced 2026-06-30 19:04:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
nrel-spa/.github/wiki/SECURITY.md
Aric Camarata aa850f806c feat(e6): portfolio polish — docs, CI, TypeScript standard, wiki 
- Trim README to ≤80 lines with wiki link for full docs
- Add CHANGELOG.md with initial entry
- Fix CI: replace pinned pnpm/action-setup with corepack enable
- Add "type": "module" and flat exports map (ADR-015)
- Add ./package.json exports entry
- Add coverage script
- Rename lib/spa.js → lib/spa.cjs to fix CJS/ESM conflict under "type": "module"
- Update src/index.ts and tsup.config.ts to reference spa.cjs
- Add .github/wiki pages: _Sidebar, _Footer, Contributing, SECURITY, CODE_OF_CONDUCT
2026-05-28 13:59:43 -04:00

913 B
Raw Blame History

Security Policy

Supported Versions

Version Supported
2.x Yes
1.x No

Only the latest major version receives security fixes.

Reporting a Vulnerability

Do not open a public GitHub issue for security vulnerabilities.

Email: aric.camarata@gmail.com

Include:

  • A description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Any suggested fix, if you have one

You will receive an acknowledgment within 48 hours and a resolution timeline within 7 days. Once a fix is ready and deployed, the vulnerability will be disclosed publicly with credit to the reporter (unless you prefer to remain anonymous).

Scope

This package is a pure computation library. It performs no network requests, reads no files, and holds no credentials. The algorithm is a direct port of the NREL SPA C source and contains no dynamic code loading.