Only the latest version of each project is supported with security updates.

If you discover a security vulnerability, please report it responsibly:

1. Do not open a public issue
2. Email security concerns to the repository owner
3. Include steps to reproduce and potential impact

All repositories in this account enforce:

• ignore-scripts=true in .npmrc — blocks postinstall-based attacks
• Dependabot — weekly automated dependency updates
• npm ci in all CI/CD pipelines — deterministic installs from lock files
• Socket.dev monitoring (where enabled) — flags malicious packages