Security: rad-ui/ui

SECURITY.md

Security Policy

Rad UI takes a proactive approach to security by implementing automated tools and processes to ensure our codebase remains safe and secure. We utilize industry-leading tools such as Snyk and Dependabot to continuously monitor dependencies and identify potential vulnerabilities in real time. These tools provide automated alerts for outdated or insecure packages and suggest fixes, allowing us to address issues promptly.

In addition to dependency tracking, our development process integrates regular security audits and vulnerability scanning into the CI/CD pipeline to minimize risks during deployment. This comprehensive approach ensures that Rad UI remains secure while maintaining a fast-paced development cycle, giving users confidence in the reliability and safety of our project.

Reporting a Vulnerability

If you discover a security vulnerability in this project, please follow the steps below to report it:

  1. Contact Us: You can raise an issue on the repo at https://github.com/rad-ui/ui/issues along with the details of the vulnerability. Please include:

    • A detailed description of the issue.
    • Steps to reproduce the vulnerability (if applicable).
    • Any potential impact of the vulnerability.
  2. Acknowledgment: You will receive an acknowledgment of your report on the issue within 48 hours.

  3. Assessment: The issue will be reviewed and prioritized based on severity and impact. You may be contacted for additional information.

  4. Resolution: Once the issue is confirmed, we will work on a fix and may release an update. You will be notified of the resolution timeline and, if applicable, credited for your discovery (unless you prefer to remain anonymous).

  5. Updates: While the issue is being addressed, we will try to provide updates at least every 7 days until the vulnerability is resolved.

Thank you for helping us ensure the security and integrity of our project!

There aren’t any published security advisories