If you discover a security vulnerability, please report it responsibly.

Do NOT open a public issue.

Use GitHub's private vulnerability reporting instead.

We will acknowledge your report within 48 hours and aim to release a fix within 7 days for critical issues.

This policy applies to the strapi-typed-client npm package. Issues in Strapi itself should be reported to the Strapi team.