Nuxt/SECURITY.md

# Security Policy

## Reporting a Vulnerability

To report a vulnerability, please send an email to **security@nuxtjs.org** or submit it for a bounty via [Huntr](https://huntr.dev/bounties/disclose/?target=https://github.com/nuxt/framework).

All security vulnerabilities will be promptly verified and addressed. 

While the discovery of new vulnerabilities is rare, we also recommend always using the latest versions of Nuxt and other dependencies by maintaining lock files (`yarn.lock`, `package-lock.json` and `pnpm-lock.yaml`) in order to ensure your application remains as secure as possible.
docs: add notes about reporting security issues (#4895) Co-authored-by: Daniel Roe <daniel@roe.dev> 2022-06-17 08:00:37 +00:00			`# Security Policy`

			`## Reporting a Vulnerability`

			`To report a vulnerability, please send an email to security@nuxtjs.org or submit it for a bounty via [Huntr](https://huntr.dev/bounties/disclose/?target=https://github.com/nuxt/framework).`

			`All security vulnerabilities will be promptly verified and addressed.`

			While the discovery of new vulnerabilities is rare, we also recommend always using the latest versions of Nuxt and other dependencies by maintaining lock files (`yarn.lock`, `package-lock.json` and `pnpm-lock.yaml`) in order to ensure your application remains as secure as possible.