Security: pokujs/docker

SECURITY.md

Security Policy

Is Poku Safe?

Poku is an open-source project, so you can inspect both the source code in the GitHub repository and the distribution code on npm.


Why does Poku use child_process?

@pokujs/docker starts a background process for each container it initializes and handles that process's starting and ending.


Protective Measures

  • Prevents shell script execution by setting shell to false in the spawn options, ensuring that only secure arguments will be used.
  • Every RegExp is pre-tested using the ReDoS Checker.
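
The effect of the shell option described above, as an added example that is not part of Poku's own code. It assumes a POSIX system with an echo binary on PATH; the container name is a constructed sample value.

```javascript
const { spawnSync } = require('node:child_process');

// Constructed sample: a container name carrying a shell metacharacter.
const containerName = 'web; echo INJECTED';

// shell: false (the setting the policy describes): the command and each
// argument go straight to the OS as an argv array, so no shell parses them.
function runWithoutShell(arg) {
  const result = spawnSync('echo', [arg], { shell: false, encoding: 'utf8' });
  if (result.error) throw result.error;
  return result.stdout.trim().split('\n');
}

// shell: true (shown for contrast): the string is handed to /bin/sh, which
// treats ';' as a command separator and runs whatever follows it.
function runWithShell(arg) {
  const result = spawnSync(`echo ${arg}`, { shell: true, encoding: 'utf8' });
  if (result.error) throw result.error;
  return result.stdout.trim().split('\n');
}

console.log('shell: false ->', runWithoutShell(containerName));
console.log('shell: true  ->', runWithShell(containerName));
```

With shell set to false the whole string arrives as a single argument. The spawned program can still read an argument that begins with a dash as an option, so values that come from outside the code are still worth validating.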

Supported Versions

Currently, security updates will be applied to the following versions of Poku:

Version Supported
1.x.x
0.x.x

Reporting a Vulnerability

  • Please give detailed reports.
  • Include steps to reproduce the vulnerability, and if possible, a patch or workaround.
  • Include the specific version of Poku you are using.

Reporting:

Once the issue has been resolved, you will be attributed a part of the report.

There aren’t any published security advisories