We take the security of calendar-simple very seriously.

Currently, only the latest major version of the library receives security updates.

If you discover a security vulnerability within calendar-simple, please DO NOT open a public issue on GitHub.

Instead, please send an email privately to [Insert Email Here] or use GitHub's private vulnerability reporting feature if enabled on the repository.

Please include as much information as possible:

• The type of issue (e.g., XSS, prototype pollution).
• The versions of calendar-simple affected.
• Step-by-step instructions on how to reproduce the issue.
• The potential impact of the vulnerability.

We will review reports and typically respond within [Insert Target Response Time, e.g., 48 hours] with our initial assessment and next steps.

Once a vulnerability is confirmed and patched, we will publish a security advisory and notify users of the update.