The following versions of NovelJs receive active security updates:
| Version | Status |
|---|---|
| 1.x.x | Active |
| 0.x.x | Not Supported |
Please make sure you are using a supported version to receive security patches.
If you find a security vulnerability in NovelJs, please follow these steps:
- Do not open a public issue: To prevent others from exploiting the vulnerability, do not report security issues in the repository issues.
- Contact the project maintainer:
- Send an email to: security@noveljs.dev (example, adjust as appropriate).
- Provide a detailed description of the issue, including:
- Affected version of NovelJs.
- Steps to reproduce the issue.
- Potential impacts of the vulnerability.
- Expect a response: We strive to respond to security reports within 48 hours. If you need additional follow-up, you can write back to us.
Upon receiving a valid security report, we will:
- Investigate and confirm the issue in a secure environment.
- Develop and test a fix.
- Notify affected users privately before making the fix public.
- Release a security patch in the next stable release.
If you plan to contribute code to the project, please:
- Avoid using unnecessary external dependencies.
- Follow safe best practices for JavaScript, Node.js, and Electron.
- Test thoroughly to avoid introducing vulnerabilities.
If you are interested in learning more about security in software development, we recommend:
Thank you for your help in keeping NovelJs safe and reliable. 😊