Security: nyambogahezron/react-native-toaster

Security Policy

Supported Versions

We actively support the following versions of React Toaster with security updates:

Version    Supported
1.x.x      ✅ Yes

Reporting a Vulnerability

The React Toaster team takes security vulnerabilities seriously. We appreciate your efforts to responsibly disclose your findings.

How to Report

If you discover a security vulnerability, please follow these steps:

  1. Do NOT create a public GitHub issue for the vulnerability
  2. Send an email to the maintainer at: [[email protected]] (Replace with your actual security contact)
  3. Include the following information in your report:
    • Description of the vulnerability
    • Steps to reproduce the issue
    • Potential impact of the vulnerability
    • Any suggested fixes or mitigations

What to Expect

  • Acknowledgment: We will acknowledge receipt of your vulnerability report within 48 hours
  • Initial Response: We will provide an initial response within 5 business days
  • Resolution: We aim to resolve critical vulnerabilities within 30 days
  • Credit: With your permission, we will acknowledge your contribution in our security advisories

Security Best Practices

When using React Toaster in your applications:

  1. Keep Dependencies Updated: Regularly update React Toaster and its peer dependencies
  2. Input Validation: Always validate and sanitize user input before displaying it in toasts
  3. Content Security: Be cautious when displaying dynamic content in toast messages
  4. Environment Security: Ensure your React Native environment is properly secured

Scope

This security policy applies to:

  • The main React Toaster library
  • Official documentation and examples
  • The npm package hn-react-native-toaster

Out of Scope

The following are not covered by this security policy:

  • Third-party integrations or modifications
  • Issues in peer dependencies (report these to the respective maintainers)
  • General React Native security issues

Security Updates

Security updates will be released as patch versions and will be clearly marked in the changelog. We recommend:

  • Enabling automated security updates in your dependency management
  • Subscribing to our releases on GitHub
  • Following our security advisories

Contact

For security-related questions or concerns, please contact:

  • Email: [[email protected]] (Replace with your actual contact)
  • GitHub: Create a private security advisory on our repository

Thank you for helping keep React Toaster and our community safe!