The Validators project follows a rolling-release model.
Only the latest main branch is actively maintained for bug and security fixes.
| Version | Supported |
|---|---|
| main | ✅ |
| < main | ❌ |
If you discover a security issue or suspect a potential vulnerability:
-
Do not open a public issue.
Please report it privately via email at security@y-consulting.us or through GitHub Security Advisories. -
Include the following information:
- A clear description of the issue
- Steps to reproduce, if applicable
- Impact or potential exploit scenario
- Suggested mitigation or fix (optional)
-
You will receive an acknowledgment within 72 hours.
Once verified, we will:- Reproduce and confirm the issue
- Work on a fix in a private branch
- Credit responsible disclosure in release notes (unless anonymity requested)
- Coordinated disclosure preferred.
- Fixes are released publicly once validated and merged into
main. - Proof-of-concept or exploit details are not published until a patch is available.
This policy applies to all modules in the Validators repository:
is-card-safeis-email-safeis-iban-safeis-ip-safeis-json-safeis-password-safeis-phone-e164is-url-safeis-us-tin-safeis-vat-safe- etc
© 2025 Y Consulting LLC — Validators Project