Test coverage

.gitignore

@@ -34,3 +34,7 @@ tramp
 # Org-mode
 .org-id-locations
 *_archive
+
+# coverage
+coverage
+.nyc_output

.travis.yml

@@ -1,7 +1,6 @@
 language: node_js
 
 node_js:
-  - 4
   - 6
   - 8
   - 10

README.md

@@ -1,23 +1,17 @@
 
-# oauth2-server
-
-[![npm Version][npm-image]][npm-url]
-[![npm Downloads][downloads-image]][downloads-url]
-[![Test Status][travis-image]][travis-url]
-[![MIT Licensed][license-image]][license-url]
-[![oauthjs Slack][slack-image]][slack-url]
+# @node-oauth/oauth2-server
 
 Complete, compliant and well tested module for implementing an OAuth2 server in [Node.js](https://nodejs.org).
 
-Note: After a period of hiatus, this project is now back under active maintenance. Dependencies have been updated and bug fixes will land in v3 (current master). v4 will be _mostly backwards compatible_ with no code changes required for users using a supported node release. More details in [#621](https://github.com/oauthjs/node-oauth2-server/issues/621).
+NOTE: This project has been forked from [oauthjs/node-oauth2-server](https://github.com/oauthjs/node-oauth2-server) and is a continuition due to the project appearing to be abandoned. Please see [this issue](https://github.com/node-oauth/node-oauth2-server/issues/2) to talk about next steps and the future of this project.
 
 ## Installation
 
 ```bash
-npm install oauth2-server
+npm install @node-oauth/oauth2-server
 ```
 
-The *oauth2-server* module is framework-agnostic but there are several officially supported wrappers available for popular HTTP server frameworks such as [Express](https://npmjs.org/package/express-oauth-server) and [Koa](https://npmjs.org/package/koa-oauth-server). If you're using one of those frameworks it is strongly recommended to use the respective wrapper module instead of rolling your own.
+The *@node-oauth/oauth2-server* module is framework-agnostic but there are several officially supported wrappers available for popular HTTP server frameworks such as [Express](https://npmjs.org/package/express-oauth-server) and [Koa](https://npmjs.org/package/koa-oauth-server). If you're using one of those frameworks it is strongly recommended to use the respective wrapper module instead of rolling your own.
 
 
 ## Features
@@ -26,7 +20,7 @@ The *oauth2-server* module is framework-agnostic but there are several officiall
 - Can be used with *promises*, *Node-style callbacks*, *ES6 generators* and *async*/*await* (using [Babel](https://babeljs.io)).
 - Fully [RFC 6749](https://tools.ietf.org/html/rfc6749.html) and [RFC 6750](https://tools.ietf.org/html/rfc6750.html) compliant.
 - Implicitly supports any form of storage, e.g. *PostgreSQL*, *MySQL*, *MongoDB*, *Redis*, etc.
-- Complete [test suite](https://github.com/oauthjs/node-oauth2-server/tree/master/test).
+- Complete [test suite](https://github.com/node-oauth/node-oauth2-server/tree/master/test).
 
 
 ## Documentation
@@ -55,16 +49,3 @@ To run the test suite, install dependencies, then run `npm test`:
 npm install
 npm test
 ```
-
-
-[npm-image]: https://img.shields.io/npm/v/oauth2-server.svg
-[npm-url]: https://npmjs.org/package/oauth2-server
-[downloads-image]: https://img.shields.io/npm/dm/oauth2-server.svg
-[downloads-url]: https://npmjs.org/package/oauth2-server
-[travis-image]: https://img.shields.io/travis/oauthjs/node-oauth2-server/master.svg
-[travis-url]: https://travis-ci.org/oauthjs/node-oauth2-server
-[license-image]: https://img.shields.io/badge/license-MIT-blue.svg
-[license-url]: https://raw.githubusercontent.com/oauthjs/node-oauth2-server/master/LICENSE
-[slack-image]: https://slack.oauthjs.org/badge.svg
-[slack-url]: https://slack.oauthjs.org
-

SECURITY.md

@@ -0,0 +1,24 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 4.x.x   | :white_check_mark: |
+| 3.x.x   | :white_check_mark: but only very critical security issues |
+| < 3 | :x: |
+
+## Reporting a Vulnerability
+
+Report security vulnerabilities to info[at]jankuester[dot]com
+
+Please specify exactly how the vulnerability is to be exploited so we can estime how severe the consequences can be (unless you also can specifiy them, too).
+Note, that we need to reproduce the vulnerability (as like with bugs) in order to safely fix it.
+
+A fix will be implemented in private until we can ensure the vulnerability is closed. A new release will immediately be published.
+If you want to provide a fix please let us know in the Email so we can setup a completely private repository to work on it together.
+
+Note, that security fixes will also require to pass all tests and audits.