Currently supporting:
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
If you discover a security vulnerability in NPDateTime, please report it by:
- Email: Send details to amritgiri.dev@gmail.com
- Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We will acknowledge your email within 48 hours and provide a detailed response within 7 days.
- All date inputs are validated before processing
- Month values must be 1-12
- Day values are checked against calendar month lengths
- Year values must be within supported range (1975-2100 BS for lookup tables)
- Date arithmetic operations check for overflows
- Conversion between calendars validates intermediate results
- We minimize dependencies to reduce attack surface
- Dependencies are regularly audited and updated
- Optional features (astronomical, python, wasm) isolate complexity
When using NPDateTime:
- Always handle
Resulttypes properly - don't unwrap blindly - Validate user inputs before passing to library functions
- Use type system to enforce correctness
- Consider fuzzing your integration for edge cases
Security updates will be released as patch versions and announced in CHANGELOG.md.