I am extremely dedicated to ensuring the security of this library. In order to ensure that goal, I keep the complexity of the library to an absolute minimum, and only use dependencies that I trust completely.
The only production dependency is unraw, which I wrote myself and which has no production dependencies itself.
I currently only support 1.2.x for security updates. The module is still new,
so there are no projects that depend on versions lower than this.
| Version | Supported |
|---|---|
| 1.2.x | ✅ |
| < 1.2 | ❌ |
Vulnerability reports will always be handled with absolute priority. The best way to report a vulnerability is to notify NPM, who will analyze your report and take the appropriate action along with alerting me.