| Version | Supported |
|---|---|
| 1.x.x | ✅ |
We take the security of Playwrong seriously. If you discover a security vulnerability, please report it responsibly.
- Do NOT open a public issue for security vulnerabilities
- Email the maintainers directly or use GitHub's private vulnerability reporting feature
- Include as much detail as possible:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment within 48 hours
- Regular updates on progress
- Credit in the release notes (unless you prefer anonymity)
While Playwrong is a satirical library designed to make tests fail, we still care about:
- Dependency vulnerabilities
- Code injection risks
- Any issue that could affect systems using this library
Playwrong is designed to make tests fail. This is intentional behavior, not a security vulnerability. However, if you find a way that Playwrong could be exploited to cause harm beyond making tests fail, please let us know.
Remember: Security failures are the one type of failure we don't embrace.