We provide security updates for the following versions:
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1 | ❌ |
If you discover a security vulnerability, please DO NOT create a public issue. Instead:
- Email us directly at hi@buildlayer.dev
- Include as much detail as possible about the vulnerability
- We will respond within 48 hours
- We will work with you to resolve the issue
When reporting a security vulnerability, please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Your contact information
- Initial response: Within 48 hours
- Status update: Within 7 days
- Resolution: Depends on severity and complexity
We appreciate security researchers who help us improve our security. We will:
- Acknowledge your contribution (if desired)
- Credit you in our security advisories
- Work with you to ensure proper disclosure
When using @buildlayer/ai-react:
- Keep your dependencies updated
- Use environment variables for API keys
- Never commit API keys to version control
- Use HTTPS in production
- Regularly review your API usage
Thank you for helping keep @buildlayer/ai-react secure! 🔒