We only support the latest version of this package.

Please report suspected security vulnerabilities to security@etch.co, with a working proof of concept.

We’ll try to respond within two working days (we work Monday to Friday, so if you report something on Friday, you probably won’t hear back until Monday or Tuesday).

Once we’ve confirmed the vulnerability, we’ll get a fix out as soon as possible, and keep you updated throughout.

If you have a concern about a package that we’re using, and there isn’t an open pull request or issue, then please open one!

We try to stay on top of package updates, but we always welcome extra help.