Only the latest version of node-zendesk is currently being supported with security updates.

If you believe you've found a security vulnerability in node-zendesk, please send an email to [email protected] detailing the suspected issue. Do not open a public GitHub issue if the bug is a security vulnerability.

To help us understand the scope and impact of the security issue, please include as much detail as possible. This might include:

• Steps to reproduce the issue, ideally a minimized test case.
• Your expected result.
• Your observed result.

After you've submitted a vulnerability report:

• We will acknowledge receipt of your vulnerability report.
• We'll do our best to validate the reported vulnerability.
• If valid, please understand that node-zendesk is a labor of love and maintained without any sponsorship(yet). While we always aim to address vulnerabilities as quickly as possible, it might take some time depending on the availability of maintainers.
• Once resolved, we will provide an update on the report and possible mention in release notes (if you agree).

Thank you for helping to improve node-zendesk and for your patience.