.github/SECURITY.md

To report a genuine* security vulnerability with angular-eslint, please use theTidelift security contact.Tidelift will coordinate the fix and disclosure.

*Not all flagged vulnerabilities are valid and context is important.angular-eslint is a development time only toolset, it is never deployed to a server and never takes user input other than your own.

Please consider reading this article to learn about how dependency audits lead to inaccurate vulnerability reports:https://overreacted.io/npm-audit-broken-by-design/

There aren’t any published security advisories