We know that building your apps on top of a framework requires
trust, and that trust is never put to the test more than when security
vulnerabilities are discovered.
While we're very fortunate to work on an open source project that runs
in a sandboxed environment, the browser, we realize that even JavaScript
applications can be vulnerable to attacks from malicious third-parties.