The following versions of es-query-builder are currently supported with security updates:
| Version | Supported |
|---|---|
| ≥ 0.3.6 | ✅ Supported |
| < 0.3.6 | ❌ Not Supported |
We encourage the community to report security vulnerabilities responsibly to help us maintain the integrity of es-query-builder.
- For most issues, please create a GitHub Issue in the repository Issues section.
- Include the following details in your report:
- A description of the vulnerability.
- Steps to reproduce the issue.
- (Optional) Your suggestions for mitigation or fixes.
If the vulnerability is sensitive and public disclosure could pose a risk, please report it privately by using GitHub's private security advisory feature.
- Acknowledgment: We will respond to your report within 48 hours.
- Resolution Process:
- Accepted vulnerabilities will be assigned a severity level and prioritized.
- A fix is typically delivered within 30 days, depending on severity.
- Confidentiality: Please avoid sharing the vulnerability details publicly until a fix has been released.
We appreciate your contributions to keeping es-query-builder secure!