NVIDIA takes the security of our software products seriously. If you believe you have found a security vulnerability in pi-dynamo-provider NPM module, please report it through coordinated disclosure to the NVIDIA Product Security Incident Response Team (PSIRT).

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Instead, please report them by either:

• Email: psirt@nvidia.com
• Web form: NVIDIA Security Vulnerability Submission Form

For sensitive disclosures, NVIDIA's PGP key is available on the same page.

When reporting, please include as much of the following as you can:

• The affected NPM version(s) (e.g. pi-dynamo-provider 0.1.0).
• A description of the vulnerability and the impact.
• Step-by-step reproduction instructions, or a minimal proof-of-concept.
• Any known mitigations or workarounds.

Once a report is received, the PSIRT team will coordinate with the maintainers of this repository on triage, fix development, and coordinated disclosure timing.

This repository is in active development; we generally support and accept security fixes against the latest published version of the module published at NPM. Older versions are not supported.

• NVIDIA Product Security: https://www.nvidia.com/en-us/security/
• NVIDIA PSIRT Policy: https://www.nvidia.com/en-us/security/psirt-policies/