If you believe you have found a security or privacy issue in this project, please report it privately.
- email: devs@put.io
Private reports are preferred for security and privacy issues.
If you are unsure whether something is sensitive, email first instead of opening a public issue.
Useful reports usually include issues involving:
- token, secret, or credential exposure
- unsafe package contents or release artifacts
- unsafe command execution through project config
- Tizen signing material committed or exposed through generated files
- GitHub Actions release or publish risk
- test only against accounts, environments, and data you control
- avoid destructive behavior, service disruption, or automated high-volume testing
- do not open public issues for suspected vulnerabilities
Only the latest npm release is supported.
Please allow a reasonable amount of time to investigate and fix the issue before sharing details publicly.