We take the security of Timeconverter seriously. If you discover a security vulnerability, please help us protect our users by reporting it responsibly.
Please DO NOT report security vulnerabilities through public GitHub issues.
Instead, please report security vulnerabilities using one of these methods:
- GitHub Security Advisories (preferred): https://github.com/MiguVT/Timeconverter/security
- Email: contacto@miguvt.com
Timeconverter is a simple, client-side time conversion tool. Due to its straightforward nature, serious security vulnerabilities are unlikely - but not impossible. Still appreciate any reports to keep things safe for users.
To help us understand and resolve the issue quickly, please include:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Suggested fix (if you have one)
- Your contact information for follow-up questions
This project is primarily maintained by one person (@MiguVT), so please be patient:
- I'll do my best to respond as quickly as possible
- I'll work to fix legitimate security issues promptly
- No guaranteed timeline - but security issues are treated as high priority
- With your permission, I'll credit you in the security advisory
We release security updates for the following versions:
| Version | Supported |
|---|---|
| Latest | β Yes |
| Older | β No |
We recommend always using the latest version of Timeconverter.
When using or deploying Timeconverter:
- Keep your dependencies up to date (pin versions, don't use
latest- if someone compromises a dependency, they compromise your app) - Use HTTPS when deploying (not critical for a client-side app with no sensitive data, but still good practice)
- Follow the deployment guidelines in the README
- Report any suspicious behavior
As a solo-maintained project, I don't have fixed SLAs, but my approach is:
- Critical vulnerabilities: Highest priority - addressed ASAP
- Other issues: Fixed as quickly as possible based on severity and availability
Thanks to the security research community and anyone who helps keep Timeconverter safe. Your patience and help protecting users is appreciated!
For general questions or support, use GitHub Discussions or open an issue.