If you discover a security vulnerability or any issue with the code in the book, that could potentially compromise the security of users, please follow these steps:

• Privately Notify Us: Directly message or email us at hello@isht.dev with the details of the security issue. Do not disclose the issue publicly until we have had a chance to address it.

• Provide Details: Please include the nature of the issue, the steps to reproduce it, and any relevant information that could help us understand and resolve the problem.

• Be Patient: We will acknowledge your report as soon as possible, and we will work diligently to address the issue within a reasonable timeframe. We will keep you updated on our progress.

Please note that this security policy only applies to the content and code within the learn-nodejs-hard-way repo. It does not cover any tools created in the book. Please report issues on their own github repositories.

We kindly request that you follow responsible disclosure practices:

• Give us a reasonable amount of time to address the issue before public disclosure.
• Do not exploit the issue for malicious purposes or to gain unauthorized access to systems.

We appreciate the efforts of security researchers and the community in helping to improve the security of the content. As a token of our gratitude, we will acknowledge your contribution in the book's acknowledgments section (unless you prefer to remain anonymous).

Your commitment to security is essential to maintaining the integrity of the this book. Thank you for working with us to make this open-source book safer for everyone.

Please note that this security policy is subject to change without notice. It was last updated on 22 Aug 2023. If you have any questions or concerns, please contact us at hello@isht.dev.