PostCSS Prefix Wrap // Security
Outlines how security is considered during the development of PostCSS Prefix Wrap.
- Dependency Vulnerability and Code Scanning
- Security Disclosure Policy
- Security Update Policy
- Security Related Configuration
- Known Security Gaps and Future Enhancements
- GitHub code scanning via CodeQL and Snyk
- GitHub dependabot alerts
- GitHub dependabot security updates
- GitHub secret scanning
- OSV Scanning
- Semgrep
- Snyk code analysis
- Snyk dependency scanning
Privately report a vulnerability using GitHub Security Advisories.
Best efforts will be taken to apply code fixes or update vulnerable packages as soon as is possible, this will usually be within a couple of days.
None currently.
Look at GitHub issues tagged Security.