Versions 1.0.0 and later are recommended for production use. All security vulnerability issues will be taken seriously and resolved in some way.
Please enter a report on the project's Github issue tracker using the bug template. https://github.com/erikh2000/web-enc-at-rest/issues
Maybe it seems clear to you that existing users of WEaR could be impacted, and I'm not responding to your issue in a reasonable amount of time. In this case, I encourage you to file a vulnerability report with NPM to reduce potential harm.