Skip to content

Security: Fraunhofer-AISEC/cpg

SECURITY.md

Security Policy

The following file contains information about the security policy and procedures used in our code property graph library.

Supported Versions

We aim to keep semantic versioning in mind and try to release a new major version if the (public) API has changed. We therefore release a new major version every few months and only support the current major version.

Version Supported
8.x.x
< 8.0.0

Reporting a Vulnerability

Should you encounter a vulnerability in our software, please use the possibility to privately report a vulnerability through GitHub using https://github.com/Fraunhofer-AISEC/cpg/security/advisories/new.

We will then get in contact with you, assess the impact of the reported issue and try to fix it. After a fix is released, we will publish a Security Advisory (see below).

Security Advisories

All fixed security issues will be accompanied by a security advisory. We aim to provide them in two formats

There aren’t any published security advisories