To report a vulnerability, please send an email to security+nitro@unjs.io or submit it for a bounty via Huntr.
All security vulnerabilities will be promptly verified and addressed.
We recommend to regularly upgrade and publish with the latest versions of used packages and sub-dependencies by maintaining lock files (yarn.lock
, package-lock.json
and pnpm-lock.yaml
) in order to ensure your application remains as secure as possible.