We maintain the latest main branch of this repository. Security updates are provided for the current stable release. Contributions that introduce new features must not introduce known security vulnerabilities.
| Version | Supported |
|---|---|
| main / latest | Yes |
| legacy | No |
If you discover a security vulnerability, please do not open a public issue.
Instead, report it privately to the maintainer:
- GitHub Security Advisory: Submit Report
Please include:
- A clear description of the issue
- Steps to reproduce (if applicable)
- A proposed fix or recommendation (if available)
We follow a coordinated disclosure process. If a vulnerability is confirmed:
- We will acknowledge your report within 48 hours
- A fix will be issued within 14 days, unless complexity requires more time
- You will be credited (if desired) in the security advisory
This project adheres to the following principles:
- No use of insecure functions or legacy APIs
- Input validation and safe handling of external data (e.g., CSV files)
- Dependencies reviewed and updated regularly via GitHub Dependabot
- Use of Python virtual environments recommended
We suggest using:
- bandit: Python security linter
- safety: Check for known vulnerabilities in dependencies
- pip-audit: Python dependency vulnerability scanner
This software is provided as-is without any warranties. Users are responsible for running the software in secure environments and updating dependencies.
© 2025 BYLICKILABS. Security matters. Always.