The latest release of QUnit is supported with security updates.

If you discover a vulnerability, we would like to know about it so we can take steps to address it as quickly as possible.

E-mail your findings to security@jquery.com. Thanks!

If you do not receive an acknowledgement of your report within 6 work days, you may escalate to the OpenJS Foundation CNA at security@lists.openjsf.org.

If your report is acknowledged but you receive no further response or engagement within 14 days, escalation is also appropriate.