ts-serializable 4.4.0 → 4.5.0

package/CHANGELOG.md

@@ -0,0 +1,487 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [4.5.0] - 2025-12-07
+
+### 🚀 Features
+
+- Add issue templates for bug reports and feature requests, and enhance contribution guidelines
+
+### ⚙️ Miscellaneous Tasks
+
+- Update Dependabot schedule to run on Tuesdays, remove .npmignore, and enhance package.json
+
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [4.4.1] - 2025-11-15
+
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [4.4.0] - 2025-10-18
+
+### 🚀 Features
+
+- Enhance fromJSON function to accept class constructors for deserialization
+
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [4.3.2] - 2025-10-07
+
+### 🐛 Bug Fixes
+
+- Update import paths to include .js extension for compatibility
+
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [4.3.1] - 2025-10-07
+
+### ⚙️ Miscellaneous Tasks
+
+- Update devDependencies to latest versions
+
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [4.3.0] - 2025-10-07
+
+### 🚀 Features
+
+- Add toJSON function and refactor Serializable class to utilize it
+- Export toJSON function in index.ts
+
+### 🐛 Bug Fixes
+
+- Correct import path for getPropertyName function and add UserSimple model with tests
+
+### 🚜 Refactor
+
+- Reorganize functions and improve serialization methods in Serializable class
+- Enhance documentation for methods in Serializable class and related functions
+
+### 📚 Documentation
+
+- Update README.md to enhance features, installation instructions, and usage examples
+
+## [4.2.2] - 2025-09-07
+
+### 🐛 Bug Fixes
+
+- ClassToFormData to use nested arrays in formdata and enable array assertions in tests
+
+## [4.2.1] - 2025-07-17
+
+### ⚙️ Miscellaneous Tasks
+
+- Update dependencies and improve type definitions
+
+## [4.2.0] - 2025-04-10
+
+### 🚀 Features
+
+- Enhance documentation with detailed comments for serialization classes and decorators
+
+### 🐛 Bug Fixes
+
+- Correct typos and improve clarity in README documentation
+
+## [4.1.0] - 2025-04-10
+
+### 🚀 Features
+
+- Update dependencies versions
+
+## [4.0.0] - 2025-03-25
+
+### 🚀 Features
+
+- [**breaking**] Drop support class mutation by jsonObject decorator
+- Update dependencies versions
+
+## [3.7.3] - 2025-01-03
+
+### 🐛 Bug Fixes
+
+- Remove duplicated node module check
+
+## [3.7.2] - 2025-01-01
+
+### ⚙️ Miscellaneous Tasks
+
+- Update actions version
+
+## [3.7.1] - 2025-01-01
+
+### 📚 Documentation
+
+- Update readme
+
+## [3.7.0] - 2025-01-01
+
+### 🚀 Features
+
+- Add support serialization to FormData
+
+## [3.6.0] - 2024-12-31
+
+### 🚀 Features
+
+- Replace mocha by native node test runner
+
+## [3.5.0] - 2024-12-30
+
+### 🚀 Features
+
+- Update eslintconfig, format code with new config
+
+## [3.4.0] - 2024-12-26
+
+### 🚀 Features
+
+- Update dependencies versions, new config for eslint 9
+
+## [3.3.0] - 2024-10-05
+
+### 🚀 Features
+
+- Update dependencies versions
+
+## [3.2.3] - 2024-06-02
+
+### ⚙️ Miscellaneous Tasks
+
+- Update dependencies versions
+- Sync package-lock
+
+## [3.2.2] - 2024-06-02
+
+### 📚 Documentation
+
+- Update README
+
+## [3.2.1] - 2024-06-02
+
+### 🐛 Bug Fixes
+
+- Begin use cliff-jumper for generate changelog and version
+
+## [3.2.0] - 2024-06-02
+
+### 🚀 Features
+
+- Replace standart-version by git-cliff for generation changelog
+
+### ⚙️ Miscellaneous Tasks
+
+- Fix got-cliff bump
+- Git-cliff
+- *('ts-serializable')* Release 'ts-serializable'@3.1.0
+- Use cliff-jumper instead of git-cliff
+- Test cliff-jumper
+
+## [3.1.0] - 2024-06-02
+
+### 🚀 Features
+
+- Replace standart-version by git-cliff for generation changelog
+
+### ⚙️ Miscellaneous Tasks
+
+- Fix got-cliff bump
+- Git-cliff
+
+## [3.1.0] - 2024-06-02
+
+### 🚀 Features
+
+- Replace standart-version by git-cliff for generation changelog
+
+### ⚙️ Miscellaneous Tasks
+
+- Fix got-cliff bump
+- Git-cliff
+
+## [3.0.59] - 2024-06-02
+
+### ⚙️ Miscellaneous Tasks
+
+- *(release)* 3.0.59
+
+## [3.0.58] - 2024-06-02
+
+### 🚀 Features
+
+- *(ci)* Initialize publish and generate changelog over github actions
+
+### ⚙️ Miscellaneous Tasks
+
+- *(release)* 3.0.58
+
+## [3.0.57] - 2024-06-02
+
+### 🚀 Features
+
+- Add support mocha test explorer, rename tests files, add generated test files from PR
+- *(*)* Npm publish over github actions
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Remove unused dom lib from tsconfig, skip test generated files
+- Add comment in test
+- Add dist to gitignore
+- *(release)* 3.0.57
+
+## [3.0.55] - 2024-04-21
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.53] - 2024-04-21
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.51] - 2023-12-16
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.49] - 2023-12-16
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Update version of packages
+- Update code for new code style
+- Bump dependencies
+
+## [3.0.47] - 2023-12-02
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.45] - 2023-12-02
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Update codestyle for new eslint version
+- Bump dependencies
+
+## [3.0.43] - 2023-09-01
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.41] - 2023-09-01
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.39] - 2023-09-01
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.37] - 2023-09-01
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Update codestyle for new codestyle config
+- Bump dependencies
+
+## [3.0.35] - 2023-07-14
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+- Bump version and publish to npm
+- Bump dependencies
+- Bump version and publish to npm
+- Bump dependencies
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.27] - 2023-02-09
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.25] - 2023-02-09
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.23] - 2023-02-08
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.21] - 2023-02-08
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.19] - 2023-02-08
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.17] - 2022-12-10
+
+### 🚀 Features
+
+- Add fromString and toString methods
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.15] - 2022-11-22
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.13] - 2022-11-22
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.11] - 2022-11-22
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Disable src from npm package
+- Bump dependencies
+
+## [3.0.9] - 2022-11-21
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.7] - 2022-11-21
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.5] - 2022-11-21
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.3] - 2022-11-21
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [3.0.1] - 2022-11-21
+
+### 🚀 Features
+
+- [**breaking**] Make type module
+
+### 🐛 Bug Fixes
+
+- Bump version and publish to npm
+- Test for mocha in esm
+
+### ⚙️ Miscellaneous Tasks
+
+- Bump dependencies
+
+## [2.0.67] - 2022-06-22
+
+### 🐛 Bug Fixes
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [2.0.65] - 2022-06-22
+
+### 🐛 Bug Fixes
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [2.0.63] - 2022-06-02
+
+### 🐛 Bug Fixes
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [2.0.61] - 2022-06-02
+
+### 🐛 Bug Fixes
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [2.0.59] - 2022-06-02
+
+### 🐛 Bug Fixes
+
+- Bump version and publish to npm
+- Bump dependencies
+
+## [2.0.57] - 2022-05-18
+
+### 🐛 Bug Fixes
+
+- Bump dependencies
+
+### ⚙️ Miscellaneous Tasks
+
+- Minor eslint rule fixes
+
+<!-- generated by git-cliff -->

package/CODE_OF_CONDUCT.md

@@ -0,0 +1,132 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the overall
+  community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email address,
+  without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+labeg@mail.ru or [discord server](https://discordapp.com/channels/974049080454045796/974049142022209566).
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of
+actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior, harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations

package/CONTRIBUTING.md

@@ -0,0 +1,144 @@
+# Contributing to ts-serializable
+
+Thank you for your interest in contributing! This document provides guidelines for contributing to this project.
+
+## Code of Conduct
+
+By participating in this project, you agree to abide by our [Code of Conduct](./CODE_OF_CONDUCT.md).
+
+## How to Contribute
+
+### Reporting Bugs
+
+Before creating bug reports, please check the existing issues. When creating a bug report, include:
+
+- **Clear title and description**
+- **Steps to reproduce** the problem
+- **Expected behavior** vs **actual behavior**
+- **Code samples** that demonstrate the issue
+- **Environment details** (Node.js version, npm version, OS)
+
+### Suggesting Enhancements
+
+Enhancement suggestions are welcome! Please provide:
+
+- **Clear description** of the enhancement
+- **Use cases** and why it would be useful
+- **Possible implementation** approach (if you have ideas)
+
+### Pull Requests
+
+1. **Fork the repository** and create your branch from `master`
+2. **Make your changes** following our coding standards
+3. **Test your changes** by running `npm test`
+4. **Commit your changes** using [Conventional Commits](https://www.conventionalcommits.org/):
+   - `feat:` for new features
+   - `fix:` for bug fixes
+   - `docs:` for documentation changes
+   - `chore:` for maintenance tasks
+   - `refactor:` for code refactoring
+5. **Push to your fork** and submit a pull request
+
+## Development Setup
+
+### Prerequisites
+
+- Node.js (latest LTS version recommended)
+- npm or pnpm
+
+### Setup Steps
+
+```bash
+# Clone your fork
+git clone https://github.com/YOUR_USERNAME/ts-serializable.git
+cd ts-serializable
+
+# Install dependencies
+npm install
+
+# Run tests
+npm test
+```
+
+## Coding Standards
+
+This project uses ESLint and TypeScript. Key principles:
+
+### Code Style
+
+- **TypeScript**: Always use proper types
+- **Decorators**: Use reflect-metadata for decorator metadata
+- **Testing**: Write tests for new features
+- **Documentation**: Add JSDoc comments for public APIs
+
+### Example
+
+```typescript
+// Good
+class User extends Serializable {
+    @jsonProperty(String)
+    public name: string = '';
+}
+
+// Always include default values
+@jsonProperty(Number)
+public age: number = 0;
+```
+
+### Commit Messages
+
+Follow [Conventional Commits](https://www.conventionalcommits.org/):
+
+```bash
+feat: add support for new ESLint rule
+fix: correct TypeScript configuration issue
+docs: update README with new examples
+chore: upgrade dependencies
+```
+
+## Testing
+
+Before submitting your PR:
+
+```bash
+# Run all tests
+npm test
+
+# Run tests with coverage
+npm run test:coverage
+
+# Check for security vulnerabilities
+npm audit
+```
+
+All tests must pass before your PR can be merged.
+
+## Review Process
+
+1. **Automated checks** run on every PR (tests, linting, security)
+2. **Manual review** by maintainers
+3. **Feedback** may be provided - please address comments
+4. **Approval** - once approved, your PR will be merged
+
+## Release Process
+
+Releases are automated:
+
+1. Maintainer merges PR to `master`
+2. Version is bumped automatically
+3. Changelog is generated
+4. Package is published to npm
+5. GitHub release is created
+
+## Questions?
+
+- Open an issue with the `question` label
+- Check existing issues and discussions
+
+## License
+
+By contributing, you agree that your contributions will be licensed under the MIT License.
+
+---
+
+Thank you for contributing to ts-serializable! 🎉

package/README.md

@@ -1,10 +1,10 @@
 # ts-serializable
 
-> Powerful and flexible TypeScript/JavaScript library for serialization and deserialization with decorators
-
 [![npm version](https://img.shields.io/npm/v/ts-serializable.svg)](https://www.npmjs.com/package/ts-serializable)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
 
+Powerful and flexible TypeScript/JavaScript library for serialization and deserialization with decorators
+
 ## ✨ Features
 
 - 🎯 **Type-safe** - Convert JSON to strongly-typed class instances
@@ -18,20 +18,45 @@
 
 ## 📋 Table of Contents
 
-- [Installation](#-installation)
-- [Quick Start](#-quick-start)
-- [Core Concepts](#-core-concepts)
-- [Decorators](#-decorators)
-- [Advanced Usage](#-advanced-usage)
-- [Standalone Functions](#-standalone-functions)
-- [Naming Strategies](#-naming-strategies)
-- [Configuration Settings](#️-configuration-settings)
-- [View Models and DTOs](#-view-models-and-dtos)
-- [FormData Conversion](#-formdata-conversion)
-- [Additional Features](#-additional-features)
-- [API Reference](#-api-reference)
-- [Contributing](#-contributing)
-- [License](#-license)
+- [ts-serializable](#ts-serializable)
+  - [✨ Features](#-features)
+  - [📋 Table of Contents](#-table-of-contents)
+  - [🚀 Installation](#-installation)
+  - [🎯 Quick Start](#-quick-start)
+    - [Why Use ts-serializable?](#why-use-ts-serializable)
+  - [🎓 Core Concepts](#-core-concepts)
+    - [Type Safety](#type-safety)
+    - [Default Values](#default-values)
+    - [Error Handling](#error-handling)
+  - [🎨 Decorators](#-decorators)
+    - [@jsonProperty](#jsonproperty)
+    - [@jsonIgnore](#jsonignore)
+    - [@jsonName](#jsonname)
+    - [@jsonObject](#jsonobject)
+  - [🔧 Advanced Usage](#-advanced-usage)
+  - [🔧 Standalone Functions](#-standalone-functions)
+  - [🐍 Naming Strategies](#-naming-strategies)
+  - [⚙️ Configuration Settings](#️-configuration-settings)
+  - [🎭 View Models and DTOs](#-view-models-and-dtos)
+  - [📤 FormData Conversion](#-formdata-conversion)
+    - [Basic Usage](#basic-usage)
+    - [Complex Object Graphs](#complex-object-graphs)
+    - [With Custom Prefix](#with-custom-prefix)
+    - [Appending to Existing FormData](#appending-to-existing-formdata)
+    - [Special Type Handling](#special-type-handling)
+  - [💡 Additional Features](#-additional-features)
+    - [Deep Copy](#deep-copy)
+    - [Nested Objects](#nested-objects)
+    - [Arrays of Objects](#arrays-of-objects)
+  - [📚 API Reference](#-api-reference)
+    - [Serializable Class Methods](#serializable-class-methods)
+      - [Static Methods](#static-methods)
+      - [Instance Methods](#instance-methods)
+    - [Standalone Functions](#standalone-functions)
+    - [Available Naming Strategies](#available-naming-strategies)
+  - [🤝 Contributing](#-contributing)
+  - [📄 License](#-license)
+  - [🙏 Acknowledgments](#-acknowledgments)
 
 ## 🚀 Installation
 

package/SECURITY.md

@@ -0,0 +1,109 @@
+# Security Policy
+
+## Supported Versions
+
+We actively support the following versions of `ts-serializable` with security updates:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 4.x     | :white_check_mark: |
+| 3.x     | :x:                |
+| < 3.0   | :x:                |
+
+## Reporting a Vulnerability
+
+We take the security of `ts-serializable` seriously. If you discover a security vulnerability, please follow these steps:
+
+### How to Report
+
+1. **DO NOT** open a public GitHub issue for security vulnerabilities
+2. Send a detailed report to the repository maintainer via:
+   - GitHub Security Advisory: [Report a vulnerability](https://github.com/LabEG/Serializable/security/advisories/new)
+   - Email: Create an issue in the [issue tracker](https://github.com/LabEG/Serializable/issues) marked as **Security** (if no sensitive details need to be shared)
+
+### What to Include
+
+Please provide the following information in your report:
+
+- **Description**: A clear description of the vulnerability
+- **Impact**: What could an attacker accomplish by exploiting this vulnerability
+- **Reproduction**: Step-by-step instructions to reproduce the issue
+- **Version**: The version of `ts-serializable` affected
+- **Environment**: Relevant environment details (Node.js version, TypeScript version, etc.)
+- **Suggested Fix** (optional): If you have ideas on how to fix the vulnerability
+
+### Response Timeline
+
+- **Initial Response**: Within 48 hours of receiving the report
+- **Status Update**: Within 7 days with either a fix timeline or request for more information
+- **Resolution**: Security patches will be released as soon as possible, typically within 14 days for critical issues
+
+### Security Update Process
+
+1. The vulnerability is confirmed and assessed
+2. A fix is developed and tested
+3. A security advisory is prepared
+4. A new version is released with the fix
+5. The security advisory is published with CVE (if applicable)
+
+## Security Best Practices
+
+When using `ts-serializable`:
+
+### For Package Consumers
+
+- Always use the latest stable version
+- Regularly update dependencies using `npm update` or `npm audit fix`
+- Review the [CHANGELOG](./CHANGELOG.md) for security-related updates
+- Use `npm audit` to check for known vulnerabilities in dependencies
+
+### For Contributors
+
+- Follow secure coding practices
+- Run `npm audit` before submitting pull requests
+- Never commit sensitive information (API keys, passwords, tokens)
+- Test changes thoroughly with various configurations
+
+## Dependency Security
+
+This package relies on reflect-metadata and has minimal dependencies. We:
+
+- Monitor security advisories for all dependencies
+- Update dependencies promptly when security issues are discovered
+- Use `npm audit` in our CI/CD pipeline
+- Follow semantic versioning to ensure stable updates
+
+## Known Security Considerations
+
+As a serialization library, `ts-serializable`:
+
+- **Processes data at runtime** - handles JSON serialization/deserialization
+- **Uses decorators** - requires reflect-metadata polyfill
+- **Does not access network resources** - all operations are local
+- **May handle sensitive data** - be careful with @jsonIgnore for passwords/secrets
+
+However, always ensure you:
+
+- Install packages from official npm registry
+- Verify package integrity using `npm audit`
+- Review configuration changes before applying
+
+## Disclosure Policy
+
+When a security vulnerability is fixed:
+
+1. We will credit the reporter (unless they wish to remain anonymous)
+2. Details will be disclosed after a fix is available
+3. We will publish a security advisory on GitHub
+4. The vulnerability will be documented in the CHANGELOG
+
+## Contact
+
+For any security-related questions or concerns, please:
+
+- Open a [GitHub Security Advisory](https://github.com/LabEG/Serializable/security/advisories/new)
+- Create an issue at: <https://github.com/LabEG/Serializable/issues>
+
+---
+
+Thank you for helping keep `ts-serializable` and its users safe!

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "ts-serializable",
-    "version": "4.4.0",
+    "version": "4.5.0",
     "author": "Eugene Labutin",
     "license": "MIT",
     "homepage": "https://github.com/LabEG/Serializable#readme",
@@ -8,6 +8,15 @@
     "main": "./dist/index.js",
     "type": "module",
     "typings": "./dist/index.d.ts",
+    "files": [
+        "dist",
+        "README.md",
+        "LICENSE",
+        "CHANGELOG.md",
+        "CODE_OF_CONDUCT.md",
+        "CONTRIBUTING.md",
+        "SECURITY.md"
+    ],
     "repository": {
         "type": "git",
         "url": " git@github.com:LabEG/Serializable.git"
@@ -28,7 +37,7 @@
         "build": "tsc --project tsconfig.build.json && node ./dist/index.js",
         "prepublishOnly": "npm run lint && npm run build && npm run test",
         "release": "cliff-jumper --name 'ts-serializable' --package-path '.' --no-skip-changelog --no-skip-tag",
-        "prepare": "husky install"
+        "prepare": "husky"
     },
     "peerDependencies": {
         "reflect-metadata": ">=0.1.0"