UNPKG

ticket-hero-sdk

Version:

A Pomodoro App for Jira Users

github.com/dhanushk2105/ticket-hero-sdk

dhanushk2105/ticket-hero-sdk

72 lines (45 loc) 2.87 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# Security Policy ## Supported Versions Currently, we support the following versions of Ticket Hero SDK with security updates: | Version | Supported | | ------- | ------------------ | | 1.0.x | :white_check_mark: | | < 1.0 | :x: | ## Reporting a Vulnerability We take the security of Ticket Hero SDK seriously. If you believe you've found a security vulnerability, please follow these steps: ### Where to Report Please **DO NOT** report security vulnerabilities through public GitHub issues. Instead, please send an email to [YOUR EMAIL ADDRESS] with the subject line "Ticket Hero SDK Security Vulnerability". ### What to Include When reporting a vulnerability, please include: 1. A description of the vulnerability 2. The steps you took to discover the vulnerability (a proof of concept is helpful) 3. The potential impact of the vulnerability 4. Any ideas for how to fix the vulnerability (optional) ### What to Expect After you've submitted a vulnerability report, you can expect: 1. **Acknowledgment**: We will acknowledge receipt of your vulnerability report within 48 hours. 2. **Verification**: We will work to verify the issue and determine its severity. 3. **Fix Development**: If the vulnerability is confirmed, we will develop a fix and test it. 4. **Public Disclosure**: Once a fix is available, we will coordinate disclosure of the vulnerability. ## Security Best Practices for Users To ensure your own security when using Ticket Hero SDK: 1. **Keep Updated**: Always use the latest version of Ticket Hero SDK 2. **Limited Access**: Only share your data file with trusted parties 3. **Backup Data**: Regularly backup your Ticket Hero data files 4. **Review Dependencies**: Be aware of the npm dependencies used by this package ## Security Features Ticket Hero SDK provides these security features: 1. **Local Data Storage**: All your data is stored locally on your computer, not in the cloud 2. **Data Backups**: Automated backup functionality to prevent data loss 3. **No Remote Connections**: The app operates entirely offline by default ## Security Updates Security updates will be published in new package versions on npm and detailed in the CHANGELOG.md file. Critical security updates will be identified as such. ## Security Architecture Ticket Hero SDK is a Node.js command-line application that: 1. Stores all data locally in JSON format 2. Does not transmit any data over the network 3. Processes all information on the local machine 4. Has no authentication mechanism as it's a single-user, local application ## Commitment to Security We are committed to working with the security community to verify, reproduce, and respond to legitimate security vulnerabilities. We appreciate your efforts to disclose your findings responsibly and will make every effort to acknowledge your contributions.