Thank you for taking the time to help improve the security of this project. We strive to maintain a safe, client-side experience for our users and appreciate responsible disclosure of vulnerabilities.
If you discover a security issue in GitHub Repo Readme Stats Widget, please follow these guidelines:
- 📧 Contact: fewinfos[at]gmail[dot]com
- 📦 Include detailed information such as:
  - Steps to reproduce
  - Screenshots or logs
  - Browser and OS used
Please avoid publicly disclosing the issue until we’ve had time to investigate and apply fixes.
We aim to respond within 48 hours and address verified issues within 7 days.
This project is fully client-side, with no backend. Please focus reports on:
- 🕵️ Cross-site scripting (XSS) issues
- 🧪 Malicious injection via GitHub REST API responses
- 🛡️ Mishandling of user-supplied repo URLs
- 📊 Risks involving embedded visualizations (Chart.js)
Reports unrelated to security (e.g. feature requests, UI bugs) should be submitted via [GitHub Issues].
Encrypted communication is available on request using GPG. Let us know if you’d like the public key.
We deeply value your contribution to secure open-source tools. Thank you for helping make this widget safer and better! 💖