| 12345678910111213141516171819202122232425 |
- # Security Policies and Procedures
- ## Reporting a Bug
- The `cookie` team and community take all security bugs seriously. Thank
- you for improving the security of the project. We appreciate your efforts and
- responsible disclosure and will make every effort to acknowledge your
- contributions.
- Report security bugs by emailing the current owner(s) of `cookie`. This
- information can be found in the npm registry using the command
- `npm owner ls cookie`.
- If unsure or unable to get the information from the above, open an issue
- in the [project issue tracker](https://github.com/jshttp/cookie/issues)
- asking for the current contact information.
- To ensure the timely response to your report, please ensure that the entirety
- of the report is contained within the email body and not solely behind a web
- link or an attachment.
- At least one owner will acknowledge your email within 48 hours, and will send a
- more detailed response within 48 hours indicating the next steps in handling
- your report. After the initial reply to your report, the owners will
- endeavor to keep you informed of the progress towards a fix and full
- announcement, and may ask for additional information or guidance.
|
