If you discover a security vulnerability in WebVitals.com, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Instead, please report security issues to:
- Email: security@sentry.io
- GitHub Security Advisories: Use the "Report a vulnerability" button in the Security tab
When reporting a vulnerability, please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
- Acknowledgment: Within 48 hours
- Initial Assessment: Within 1 week
- Resolution Target: Depends on severity
We provide security updates for the latest version of WebVitals.com deployed at webvitals.com.
When contributing to or deploying WebVitals.com:
- Never commit API keys or secrets
- Use environment variables for sensitive configuration
- Keep dependencies updated
- Report any suspicious activity
We appreciate responsible disclosure and will acknowledge security researchers who help improve our security.