Security

SECURITY.md

Security Policy

Supported Versions

Version	Supported
1.x	✅

Reporting a Vulnerability

If you discover a security vulnerability, please:

Do NOT open a public issue
Email: security@example.com (or open a private security advisory)
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)

Response Timeline

Initial response: 48 hours
Status update: 7 days
Fix timeline: Depends on severity

Security Best Practices

When using NotificationKit:

Never include sensitive data in notification content
Use thread identifiers carefully
Validate user info payloads
Handle push tokens securely

Thank you for helping keep NotificationKit secure!

There aren’t any published security advisories