Patches for security vulnerabilities are only provided for the latest minor version of the project. It is recommended to always use the latest version of the project to ensure you have the latest security patches. Since we do not store any sensitive information in this project, the risk of security vulnerabilities is low.
| Version | Supported |
|---|---|
| 2.x | ✔ |
| < 2.0 | X |
Please open a GitHub issue to report any security vulnerabilities. We take security seriously and will respond promptly to address any reported vulnerabilities.
When reporting a security vulnerability, please include the following information:
- Keep Dependencies Updated: Regularly update your Angular dependencies to the latest versions to ensure you have the latest security patches.
- Use Angular's Built-in Security Features: Utilize Angular's built-in security features such as sanitization, content security policy (CSP), and Angular's HttpClient for making HTTP requests.
- Avoid Using
innerHTML: Avoid usinginnerHTMLto insert dynamic content. Use Angular's data binding instead. - Enable Strict Template Checking: Enable strict template checking in your
tsconfig.jsonto catch potential security issues early. - Use Angular CLI: Use Angular CLI to generate components, services, and other code to ensure best practices are followed.
- Validate Input: Always validate and sanitize input data to prevent injection attacks.
- Use Secure Libraries: Use well-maintained and secure libraries for making HTTP requests and handling JSON data.
- Handle Exceptions: Properly handle exceptions to avoid exposing sensitive information.
- Limit Permissions: Run your Python scripts with the least privileges necessary to reduce the impact of a potential security breach.
- Keep Dependencies Updated: Regularly update your Python dependencies to the latest versions to ensure you have the latest security patches.
Thank you for helping to keep this project secure!