To report sensitive vulnerability information, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.
If your organisation/employer is a distributor of sweet-alert and would like advance notification of security-related bugs, please let us know your preferred contact method.