If you're reading this, it is likely because you take open source software security seriously. Thank you!

We are currently compiling an open source software security best practices document. Link to come.

Unless otherwise specified, it is recommended to regularly update to the most recent version of this software package, and to review the security test results, ideally automating this process and including an alerting feature.

Observe the vulnerabilities badge on the project README page and follow the link to consult independent test results by snyk.io of the latest commit.

Should you discover a novel security issue or vulnerability, kindly report your findings to security@reelyactive.com, and provide sufficient detail to effectively address, if not resolve, the issue. Kindly also provide a means of contact should additional detail be required, and also so we can return our thanks!

These security guidelines were drafted by the reelyActive team and we invite you to adapt them for your own projects under a Creative Commons Attribution 4.0 International License.