UNPKG

@nuwa-x/nuwault-core

Version:

Advanced password generation library with character diversity optimization, repetition control, and balanced distribution for maximum security

nuwault.com

nuwa-x/nuwault-core

66 lines (45 loc) 2.26 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# Security Policy Thank you for taking security seriously and helping keep Nuwault Core safe. ## Reporting a Vulnerability **Please do not report security vulnerabilities via GitHub issues.** If you believe you’ve found a security issue in Nuwault Core, please report it privately and responsibly: - **Email**: [security@nuwault.com](mailto:security@nuwault.com) - **Subject**: "Security Vulnerability Report" - **Optional**: You may request our PGP public key for encrypted communication. Please include: - A clear description of the vulnerability - Steps to reproduce the issue - Affected versions - Impact assessment (CVSS score if possible) - Any proof of concept - Your contact info (optional for credit) ## Our Process & Timeline 1. **Acknowledgment**: Within 48 hours of receiving the report 2. **Assessment**: Within 5 business days 3. **Fix & Testing**: Patched within 7 days for critical issues 4. **Disclosure**: Coordinated with the reporter 5. **Credit**: Public acknowledgment if desired ## Security Practices We recommend users follow these best practices when using Nuwault Core: - Keep dependencies updated - Do not store master passwords in plaintext - Use HTTPS for all network communication - Secure your runtime environment and devices - Clear sensitive data from memory when no longer needed ## Security Features Nuwault Core implements: - **Deterministic generation**: Same input → same output - **SHA-512 hashing** with multiple iterations - **Secure random generation** for entropy-based operations - **Input validation** to ensure consistent, expected input structure - **Timing attack resistance** in critical comparisons ## Security Considerations - Password strength depends on the master password you choose. - Security also relies on your environment and application-level practices. - Memory safety and side-channel resistance are best-effort and should be validated externally for high-security contexts. ## Contact For any questions, concerns, or coordination: - **Email**: [support@nuwault.com](mailto:support@nuwault.com) - **Website**: [https://nuwault.com](https://nuwault.com) --- **Thank you for helping keep Nuwault Core secure!**