Skip to content

Security: adamlaska/web3.js

Security

SECURITY.md

Security Policy

Supported Versions

Legacy-compatibility releases v1.x:

  • ⏳ Web3.js currently undergoes a quick release cycle with regular minor and patch releases.
  • 🌐 We encourage using the most recently released version from the v1.x release track before reporting an issue.

Future rewrites and feature tracks v2.x, v3.x, and v4.x:

  • ⌛ Web3.js currently undergoes a complete refactoring and rewrite. At this time it is not recommended to use any of these release tracks, yet.
  • 🛑 We encourage not using these releases until official stable releases will be announced.

Reporting a Vulnerability

  • 🚨 Please, send vulnerability reports to [email protected].
  • ⚠️ Please do not file a public ticket mentioning the vulnerability, as doing so could increase the likelihood of the vulnerability being exploited before a fix has been created, released and installed on the network.

There aren’t any published security advisories