Security updates are provided for the 0.1.x release line of all packages in this repository:
| Package | Supported Versions |
|---|---|
| @reasonabletech/eslint-config | 0.1.x |
| @reasonabletech/config-playwright | 0.1.x |
| @reasonabletech/config-tsup | 0.1.x |
| @reasonabletech/config-typescript | 0.1.x |
| @reasonabletech/config-vitest | 0.1.x |
| @reasonabletech/utils | 0.1.x |
Do not report security vulnerabilities through GitHub issues. Please send reports to security@reasonabletech.co.
Include the following in your report:
- Description of the vulnerability and its potential impact
- Steps to reproduce or proof of concept
- Affected package(s) and version(s)
- Severity assessment (Critical, High, Medium, Low)
- Any suggested mitigations or patches
We will acknowledge receipt of your report within 48 hours. Critical vulnerabilities will receive a coordinated fix and security advisory release within 7 days where possible. Non-critical issues are addressed in the next scheduled release.
We follow responsible disclosure: fixes are released with a security advisory before public announcement. Public disclosure by the reporter should be deferred until the fix is publicly available.