From f7c67ef85824fe4f916ae1a025395896a245ddd4 Mon Sep 17 00:00:00 2001 From: Ben Word Date: Sun, 18 Aug 2024 08:58:21 -0500 Subject: [PATCH] =?UTF-8?q?=E2=9C=8F=EF=B8=8F=20minor=20typo?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 8ac5bd969d..0ed04a8b3a 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,6 +2,6 @@ If you believe you have found a security vulnerability in bud.js, we encourage you to let us know right away. We will investigate all legitimate reports and do our best to quickly fix the problem. -While we take security very seriously it is important to remember that nearly all bud.js dependencies are run in local developer environments only, and even more bud.js dependencies are only used within the context of this repository. In the context of a build tool, many "vulenrabilities" are safe to ignore. Runtime vulnerabilities will always be taken very seriously and handled with urgency. +While we take security very seriously it is important to remember that nearly all bud.js dependencies are run in local developer environments only, and even more bud.js dependencies are only used within the context of this repository. In the context of a build tool, many "vulnerabilities" are safe to ignore. Runtime vulnerabilities will always be taken very seriously and handled with urgency. Check out [npm audit: Broken by Design by Dan Abramov](https://overreacted.io/npm-audit-broken-by-design/) if you're interested in our thinking around the severity of non runtime security issues.