If you discover a vulnerability in this repository, report it privately using one of these channels:
- GitHub Security Advisory draft: https://github.com/Nick2bad4u/eslint-plugin-write-good-comments-2/security/advisories/new
- Maintainer email: 20943337+Nick2bad4u@users.noreply.github.com
Please do not open public issues for unpatched vulnerabilities.
Include as much detail as possible:
- Affected version(s)
- Reproduction steps or proof of concept
- Security impact
- Any known mitigations
Only the latest published release is considered actively supported for security fixes.
| Version | Supported |
|---|---|
| Latest | ✅ |
| Older | ❌ |
- Initial acknowledgment target: within 7 days
- Triage and remediation timeline: depends on severity and complexity
- Public disclosure: after a fix is available or a coordinated disclosure date is agreed
- Keep
eslint-plugin-write-good-comments-2, ESLint, TypeScript, and dependencies updated. - Run linting in CI on trusted code only.
- Review new rule autofixes before applying at scale.
Responsible disclosure is appreciated. We can credit reporters in release notes if requested.