This library less likely bring any potential threat to your application since it's based on existing DOM API, meaning any vulnerabilities should be tracked mainly by the package user.

However, from our side will do anything that would make it easier to follow Frontend security standards.

No precedents, all versions are fine.

If you have found a security vulnerability that is tracked down to this library, report immediately.