fix: address code review feedback

Copilot · npv2k1 · Copilot · commit 92ff6bfc9e86 · 2025-12-21T02:38:47.000Z
Co-authored-by: npv2k1 &lt;73846954+npv2k1@users.noreply.github.com&gt;
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
diff --git a/.github/workflows/quality.yml b/.github/workflows/quality.yml
@@ -40,7 +40,8 @@ jobs:
           fi
       
       - name: Check package.json for security issues
-        run: npm audit --audit-level=high || true
+        run: npm audit --audit-level=moderate
+        continue-on-error: true
       
       - name: Analyze bundle size
         run: |
diff --git a/SECURITY.md b/SECURITY.md
@@ -18,7 +18,10 @@ We take security bugs seriously. We appreciate your efforts to responsibly discl
 If you discover a security vulnerability, please follow these steps:
 
 1. **DO NOT** open a public issue
-2. Email the maintainers at [security contact - to be added]
+2. Use GitHub's Security Advisory feature to privately report the vulnerability:
+   - Go to the repository's Security tab
+   - Click "Report a vulnerability"
+   - Fill out the advisory form
 3. Include the following information:
    - Type of vulnerability
    - Full paths of source file(s) related to the vulnerability
