Security: craft-code-club/blog-c3

SECURITY.md

Security

Reporting Vulnerabilities

We take the security of our repositories seriously, including all projects managed under our Craft Code Club GitHub organization.

All of our projects use GitHub Issues to track bugs and improvements. If you believe you have found a security vulnerability in any of our repositories, please open an issue in the respective project to notify us.

If you also have a proposed fix for a vulnerability, feel free to open a Pull Request with your suggested improvement. We will carefully review your contribution, and if it properly addresses the issue, we will merge it into a future version of the project.

Thank you for collaborating with us to make our projects safer and more secure.

Preferred Language

We prefer all communications in English.


Support

We aim to follow the official React release cycles and keep our project updated in tandem with stable versions of React. This ensures that we benefit from ongoing security patches and improvements in the React ecosystem.

While we strive to accommodate users on older versions, our ability to provide ongoing support or backport security fixes may be limited if it hinders the project's progress or diverges significantly from the latest React version. In such cases, we strongly encourage upgrading to the latest supported version of React to ensure optimal security and functionality.

We are committed to balancing support for older setups with the need to move our project forward. We value the feedback and needs of our community and will do our best to ensure a smooth transition, providing clear guidance regarding which versions of React (and other major dependencies) are actively supported.

Previous Versions

Earlier versions of this project may not receive regular security updates. For the best experience and security, we strongly recommend updating to the latest version, where you can benefit from recent fixes and enhancements.


Feature Discontinuation

If we decide to discontinue a particular feature in this React project, we will provide a 6-month advance notice wherever possible. This could include:

  • Announcing deprecation in the documentation.
  • Logging warnings in the browser console.
  • Clearly labeling functions/components as deprecated in the source code.

During this 6-month window, we recommend migrating to the suggested alternatives or adjusting your implementation accordingly. We will make every effort to provide clear guidance and assistance during the transition period.

After the 6-month notification period, the deprecated feature will be removed from the project. We plan the removal carefully to minimize any negative impact.

However, if a discontinued feature poses an immediate security risk to our project, we reserve the right to remove it without notice to protect the integrity and security of our codebase.

We appreciate your understanding and cooperation throughout any deprecation process, and we remain available to answer questions or provide additional guidance.

There aren’t any published security advisories