If you discover any security vulnerabilities in the es-hangul package, please report them immediately. We take security seriously and will address all legitimate reports in a timely manner.
To report a vulnerability, please email us at [chanhyuk.park@toss.im]. Provide as much detail as possible about the vulnerability, including:
- The nature of the vulnerability
- Steps to reproduce the issue
- Any potential risks or impacts on users
- Your contact information for further clarification
- We will acknowledge receipt of your report within 48 hours and begin investigating the issue.
- After validating the report, we will work to fix the vulnerability and release an update as soon as possible.
- You will be informed of the resolution once the fix is deployed and may be credited in the release notes if desired.
- Security patches will be communicated through GitHub releases and other relevant channels.
We recommend following these best practices to help maintain the security of your application when using es-hangul:
- Always use the latest version of es-hangul.
- Regularly update your dependencies to include the latest security fixes.
- Review and monitor your own usage for potential security issues.
If you have any questions or need further information, please don't hesitate to contact us.