Skip to content

Security: vemjs/vem

Security

SECURITY.md

Security Policy

Supported Versions

Vem is pre-1.0 and ships from the latest published release only. Security fixes land on the latest minor of each package; older 0.x minors are not back-patched.

Package Supported
@vemjs/core latest 0.x release
@vemjs/renderer-vecto latest 0.x release
@vemjs/plugin-api latest 0.x release
@vemjs/lsp-client latest 0.x release

Reporting a Vulnerability

If you discover a security vulnerability within this project, please DO NOT create a public issue. Instead, report it privately via GitHub Security Advisories.

We take all security issues seriously and will respond to reports as quickly as possible. Upon verification, we will provide a timeline for the fix and coordinate a public disclosure after the patch has been released.

There aren't any published security advisories