- Block sensitive data being pushed to GitHub by git-secrets or its likes as a git pre-commit hook
- Audit for slipped secrets with dedicated tools
- Use environment variables for secrets in CI/CD (e.g. GitHub Secrets) and secret managers in production
You should run a vulnerability scanner every time you add a new dependency to a project:

```shell
poetry run python -m safety check
```
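As an added example (not part of the Freyja project, and not git-secrets' own ruleset), here is a minimal POSIX shell pre-commit hook that ties the three points above together: it refuses a commit whose staged diff adds credential-looking strings, lets lines that read the value from an environment variable through, and re-runs Safety when the dependency files are part of the commit. The regex patterns, the lock-file names and the `poetry run python -m safety check` invocation are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not part of the Freyja project: a minimal git pre-commit hook
# standing in for git-secrets. Install as .git/hooks/pre-commit (executable).

# Credential shapes to refuse (constructed illustrations, extend as needed).
KEY_PATTERN='AKIA[0-9A-Z]{16}'
PEM_PATTERN='BEGIN [A-Z ]*PRIVATE KEY'
ASSIGN_PATTERN='(password|passwd|secret|api_key|token)[[:space:]]*[=:][[:space:]]*[^[:space:]]{8,}'
# Lines that take the value from the environment are allowed, in line with the
# advice to keep secrets in environment variables rather than in the code.
ENV_REF_PATTERN='[$][{]?[A-Za-z_][A-Za-z0-9_]*|os\.(environ|getenv)'

# scan_added_lines: read a unified diff on stdin and report added lines
# ("+" prefix, skipping the "+++" file header) that look like credentials.
# Returns 0 when clean, 1 when at least one line matched.
scan_added_lines() {
    hits=$(grep -E '^[+][^+]' | cut -c2- \
        | grep -E -i -e "$KEY_PATTERN" -e "$PEM_PATTERN" -e "$ASSIGN_PATTERN" \
        | grep -v -E "$ENV_REF_PATTERN") || true
    if [ -n "$hits" ]; then
        printf 'pre-commit: possible secret in staged changes:\n%s\n' "$hits" >&2
        return 1
    fi
    return 0
}

# lockfile_changed: read staged paths (one per line) on stdin; return 0 when a
# dependency file (assumed names: poetry.lock or pyproject.toml) is among them.
lockfile_changed() {
    grep -q -E -x 'poetry\.lock|pyproject\.toml'
}

# main: the hook body, run against the index of the current repository.
main() {
    git diff --cached --no-color --unified=0 | scan_added_lines || exit 1
    if git diff --cached --name-only | lockfile_changed; then
        echo "pre-commit: dependency files changed, running safety check" >&2
        poetry run python -m safety check || exit 1
    fi
}

# Run the hook logic only when installed under the hook's name; executing or
# sourcing this file under another name just defines the functions above.
case "${0##*/}" in
    pre-commit) main ;;
esac
```

The allowlist is deliberately coarse: a line that both hard-codes a credential and mentions `os.environ` would pass, and a legitimate long assignment such as `secret = load_from_vault(...)` would be flagged, so tune the patterns to the code base and keep a dedicated audit tool in the pipeline as a second line of defence.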
The following versions are currently supported with security updates:
| Version | Supported |
|---|---|
| 0.1.0 | ✅ |
- Report the vulnerability in this repository's issue tracker.
- Give proof of the vulnerability: CVE, analysis report, etc.
- Specify how it concerns the implementation of Freyja.
You can ask for support by contacting security@opensource.thalesgroup.com
You will get updates on the vulnerabilities you have reported through the issue tracker.
The disclosure policy will depend on the context of the vulnerability, the proof provided to detect it, and the means implemented to remediate it.
The result will be discussed in the issue tracker.
Freyja is intended to be used in development environments and not in production contexts.
Freyja currently requires exception rules in AppArmor to work.
This will be addressed in a future release.