LoopBack implements the Module LTS policy.
| Version | Supported |
|---|---|
| LoopBack 4 | ✅ |
| LoopBack 3 | ❌ |
| LoopBack 2 | ❌ |
Supported connectors
Database connectors
- Cassandra connector
- CouchDB connector
- Cloudant connector
- DashDB connector
- IBM Db2 connector
- IBM Db2 for iSeries connector(deprecated)
- IBM Db2 for i connector
- IBM Db2 for z/OS connector
- Informix connector
- MongoDB connector
- MySQL connector
- Oracle connector
- PostgreSQL connector
- Redis connector
- Redis key-value connector
- SQL Server connector
- SQLite3 connector
- z/OS Connect Enterprise Edition connector
Other connectors
Within LoopBack 4, fixes are not backported across semver major versions of a package.
Security advisories can be found on the LoopBack website.
If you think you have discovered a new security issue with any LoopBack package, please do not report it on GitHub. Instead, send an email to security@loopback.io with the following details:
- Full description of the vulnerability.
- Steps to reproduce the issue.
- Possible solutions.
If you are sending us any logs as part of the report, then make sure to redact any sensitive data from them.
If you do not receive an acknowledgement of your report within 6 business days,
or if you cannot find a private security contact for the project, you may
escalate to the OpenJS Foundation CNA at security@lists.openjsf.org.
If the project acknowledges your report but does not provide any further response or engagement within 14 days, escalation is also appropriate.