Please do not report security vulnerabilities publicly. Instead, email security concerns to:
📧 pleasureislanddesign@gmail.com
Include the following information:
- Type of vulnerability
- Location of the vulnerability
- Steps to reproduce (if possible)
- Potential impact
- Suggested fix (if you have one)
We take all security reports seriously and will respond promptly.
- Never commit sensitive information (API keys, passwords, tokens)
- Use environment variables for configuration
- Follow the principle of least privilege
- Keep dependencies up to date
All PRs undergo:
- ✅ Automated security scanning
- ✅ Manual code review
- ✅ Linting checks (catches common issues)
- ✅ Test coverage validation
- Regular dependency updates via npm audit
- Pinned versions in package-lock.json for reproducible installs
- GitHub security alerts enabled
None at this time. Please report any discovered vulnerabilities to the email above.
GitHub will post security advisories for any critical vulnerabilities found in this project.
Subscribe to notifications by:
- Go to https://github.com/willyd61/pleasureislanddesign.com
- Click "Watch" > "Custom"
- Enable "Security alerts"