Because developers trust Ember.js to handle sensitive customer data in
production, we take the security of the project extremely seriously. Ember
remains one of the few JavaScript projects that has a clearly
outlined security policy and a
low-traffic mailing list exclusively for security
announcements.