The main branch is actively maintained. No formal versioning yet.
Please DO NOT open public issues for sensitive security problems.
Instead, choose one of these options:
- Open a private GitHub Security Advisory (preferred)
- Email the maintainer (see author info in
package.json)
Provide:
- Description & impact
- Steps to reproduce / PoC
- Suggested fix (if known)
You will receive an acknowledgment within 72 hours. Fix timelines depend on severity and complexity.
This project is a static, client-side application. There is no backend; report issues limited to:
- Supply-chain vulnerabilities
- XSS in rendered content
- Malicious file parsing edge cases
Thank you for helping keep the community safe.