At sra-pylib, we take security seriously. We value the input of the security community and appreciate their efforts to improve the security of our project. We encourage responsible reporting of any security vulnerabilities that may be found in our project.
If you believe you have found a security vulnerability in our project, we encourage you to let us know right away. We will investigate all legitimate reports and do our best to quickly fix the problem. Before reporting, please review the following guidelines:
- Do not disclose the vulnerability publicly until we have had a chance to investigate and address it.
- Do not perform any destructive testing, such as testing on live production systems or using automated vulnerability scanning tools.
- Provide as much detail as possible in your report, including a clear description of the vulnerability and steps to reproduce it.
To report a security vulnerability, please send an email to us. Please include the following information in your report:
- A brief description of the vulnerability
- Steps to reproduce the vulnerability
- Your name and contact information (optional)
We will acknowledge your report within 24 - 48 hours and provide an estimated timeline for when we expect to have the vulnerability fixed. We will also keep you updated as we work to address the issue.
We will release security updates as soon as possible after discovering and verifying any vulnerabilities. We encourage users of our project to keep their installations up to date with the latest releases to ensure they are protected against known vulnerabilities.
If you encounter any bugs or issues with our project, please report them by opening an issue on our GitHub repository. We appreciate your feedback and will work to resolve any issues as quickly as possible.