We currently provide security fixes for the latest @taquito/sapling-wasm release line.
| Release Line | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1.0 | ❌ |
Current supported Node.js runtimes for this repository are:
| Node.js | Supported |
|---|---|
| 24.x | ✅ |
| 22.x | ✅ |
| < 22 | ❌ |
Please do not report security vulnerabilities in public GitHub issues, discussions, or pull requests.
Private vulnerability reporting is enabled on GitHub for this repository and is the preferred reporting channel:
- Go to the repository Security page.
- Open the advisories section.
- Use Report a vulnerability to send the report privately.
If GitHub private reporting is not suitable for your case, email security@ecadlabs.com.
When possible, include:
- A clear description of the issue and impacted package surface or workflow.
- Steps to reproduce the problem or a proof of concept.
- The affected
@taquito/sapling-wasmversion and Node.js version. - Any suggested mitigations or fixes you are aware of.
We will review the report, acknowledge receipt, and coordinate remediation privately.