| Version | Supported |
|---|---|
| 1.x | Yes |
Please do not open a public issue for security vulnerabilities.
If you discover a security vulnerability in this package, please report it via GitHub Security Advisories.
Include as much of the following as you can:
- A description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgement within 48 hours
- Status update within 5 business days
- Fix or mitigation as soon as reasonably possible, depending on severity
We will coordinate with you on disclosure timing. We ask that you give us reasonable time to address the issue before public disclosure.
This policy applies to the churchsuite-api npm package. For vulnerabilities in the ChurchSuite platform itself, please contact ChurchSuite directly.