We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

To report a security issue, please privately use the GitHub Security Advisory "Report a Vulnerability" tab. If that is impossible, feel free to send an email to [email protected] instead.

All security vulnerabilities will be promptly verified and addressed.

We also recommend always using the latest versions of Vueless and other dependencies by maintaining lock files (yarn.lock, package-lock.json and pnpm-lock.yaml) in order to ensure your application remains as secure as possible.

Report security bugs in third-party modules to the person or team maintaining the module. You can also report a vulnerability through the npm contact form by selecting "I'm reporting a security vulnerability".