Security

Security Incident - AWS S3 Access Key Exposure

On November 29th, 2016, the Ember security team was notified that version 2.11.0-beta.1 of the ember-source npm package inadvertently included a file that contained an AWS access key. This access key had permissions for full read/write access to the...

Announcing the Ember.js Security Policy

We know that building your apps on top of a framework requires trust, and that trust is never put to the test more than when security vulnerabilities are discovered.

While we're very fortunate to work on an open source project that runs in a sandboxed...