Security: VoxDroid/Number-Systems-Converter

Security Policy

Supported Versions

The following versions of Number System Converter v1 are currently supported with security updates:

Version Supported
1.0.0
Future ✅ (Latest release)

We recommend using the latest version from the repository to ensure you have the most recent security fixes and improvements.

Reporting a Vulnerability

If you discover a security vulnerability in Number System Converter v1, we appreciate your help in disclosing it responsibly. Please follow these steps:

  1. Do Not Disclose Publicly: Avoid sharing details of the vulnerability in public forums, such as GitHub issues, social media, or other platforms, until it has been addressed.
  2. Contact the Maintainer Privately:
    • Email the maintainer via the contact details provided on the Ko-fi page.
    • Include a detailed description of the vulnerability, steps to reproduce, and potential impact.
  3. Response Time:
    • You can expect an initial response within 48 hours.
    • We will work with you to validate and address the issue promptly.
  4. Disclosure:
    • Once the vulnerability is fixed, we will coordinate with you on public disclosure, if appropriate.
    • Credit will be given for your discovery in release notes, unless you prefer anonymity.

Security Best Practices

To keep your use of Number System Converter v1 secure:

  • Use Trusted Sources: Download or clone the application only from the official GitHub repository.
  • Update Assets: Ensure CDN-loaded assets (e.g., Font Awesome, Google Fonts) are from reputable sources. Consider hosting them locally for added security.
  • Input Validation: The application validates inputs client-side, but avoid using it with untrusted or malicious inputs to prevent potential XSS risks.
  • Local Storage: Be aware that history data is stored in the browser’s local storage, which could be accessed by malicious scripts if the app is run in an untrusted environment.
  • HTTPS: If hosting online, serve the application over HTTPS to protect data in transit.
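The input-validation and local-storage points above, as an added JavaScript example (not code from the project). It assumes a hypothetical history record shape {input, fromBase, toBase, output} and hypothetical function names; entries read back from local storage are re-validated and written to the page with textContent rather than as HTML.

```javascript
// Added example; names and the history record shape are assumptions.
const DIGITS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";

// True only for a non-empty string made of digits valid in `base` (2..36).
function isValidForBase(text, base) {
  if (!Number.isInteger(base) || base < 2 || base > 36) return false;
  if (typeof text !== "string" || text.length === 0 || text.length > 64) return false;
  // Explicit allow-list in both cases; no Unicode case folding involved.
  const allowed = new Set(DIGITS.slice(0, base) + DIGITS.slice(10, base).toLowerCase());
  return [...text].every((ch) => allowed.has(ch));
}

// Converts an already validated string; BigInt avoids precision loss.
function convert(text, fromBase, toBase) {
  let value = 0n;
  for (const ch of text.toUpperCase()) {
    value = value * BigInt(fromBase) + BigInt(DIGITS.indexOf(ch));
  }
  return value.toString(toBase).toUpperCase();
}

// Treats the stored JSON as untrusted: malformed entries are dropped and the
// output is recomputed instead of being read from storage.
function loadHistory(raw) {
  let parsed;
  try { parsed = JSON.parse(raw); } catch { return []; }
  if (!Array.isArray(parsed)) return [];
  return parsed
    .filter((e) => e !== null && typeof e === "object" &&
      isValidForBase(e.input, e.fromBase) &&
      Number.isInteger(e.toBase) && e.toBase >= 2 && e.toBase <= 36)
    .slice(-50)
    .map((e) => ({ input: e.input, fromBase: e.fromBase, toBase: e.toBase,
      output: convert(e.input, e.fromBase, e.toBase) }));
}

// Browser only: textContent inserts text, never markup.
function renderHistory(listEl, entries) {
  listEl.replaceChildren(...entries.map((e) => {
    const li = document.createElement("li");
    li.textContent = `${e.input} (base ${e.fromBase}) = ${e.output} (base ${e.toBase})`;
    return li;
  }));
}
```

In a page, the stored string would come from localStorage.getItem under whatever key the application uses, and the result would be passed to renderHistory.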

Known Dependencies

Number System Converter v1 relies on the following third-party assets, which may have their own security policies:

  • Font Awesome: Icons loaded via CDN.
  • Google Fonts: Poppins font loaded via CDN.

Check the respective project pages for their security advisories and ensure you’re using the versions specified in index.html.

Thank you for helping keep Number System Converter v1 secure!

There aren’t any published security advisories