Only the latest release of handyscript is supported with security updates. and bug fixes.
- Keep Handy Script and its dependencies up to date.
- Only use official releases of Handy Script from npm or CDN sources.
- If you discover a security issue, please follow the responsible disclosure process mentioned below.
If you discover a security vulnerability within handyscript, please send an email to one of the AUTHORS Email Addresses or this email [email protected]. with the subject HandyScript vulnerability Report. Handy Script does not have a bounty program, neither do we respond to bug bounties.
All security vulnerabilities will be promptly addressed.
Please do not disclose publically any security vulnerabilities until it has been resolved.
For valid security concerns, you can expect a response within 48 hours, and credit is given once an acceptable fix is found and published.