This project is actively maintained. Security updates are applied to the latest version.
| Version | Supported |
|---|---|
| 1.0.x | ✅ |
If you discover a security vulnerability in this project, please report it to me as outlined below.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report them via email to:
Email: nicholas@thompson2026.com
To help me better understand and address the issue, please include:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes (if available)
- Your contact information (optional, for follow-up questions)
- Initial response: Within 48 hours
- Status update: Within 7 days
- Resolution: As quickly as possible, typically within 30 days
- I will acknowledge receipt of your report within 48 hours
- I will provide regular updates on the progress of fixing the vulnerability
- Once the vulnerability is fixed, I will publicly disclose it in a security advisory
- I will credit you in the security advisory unless you prefer to remain anonymous
This project follows these security practices:
- Regular dependency updates
- Static site generation (reduces attack surface)
- HTTPS enforcement
- Content Security Policy (CSP) headers
- No sensitive data in client-side code
For general questions about this project, please use the standard GitHub issues.
For security-related matters only, use the email address above.
Thank you for helping keep this project secure!