We actively maintain security updates for the following versions:
| Version | Supported |
|---|---|
| 0.0.1 | ✅ |
We take the security of sigmap-pytools seriously. If you discover a security vulnerability, please follow these steps:
-
Do not open a public GitHub issue for security vulnerabilities.
-
Email the maintainers directly at:
sigmap@willhub.dev -
Include the following information in your report:
- Type of vulnerability
- Full paths of source file(s) related to the vulnerability
- The location of the affected source code (tag/branch/commit or direct URL)
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the issue, including how an attacker might exploit the issue
-
We will acknowledge receipt of your report within 48 hours and provide a more detailed response within 7 days indicating the next steps in handling your report.
-
After the initial reply to your report, we will keep you informed of the progress towards a fix and full announcement. We may ask for additional information or guidance.
- When the security team receives a security bug report, we will assign it to a primary handler. This person will coordinate the fix and release process.
- We will confirm the problem and determine the affected versions.
- We will audit code to find any potential similar problems.
- We will prepare fixes for all releases still under maintenance. These fixes will be released as quickly as possible.
- You can expect to be updated on the progress of fixing the vulnerability
- You will be credited for the discovery (if desired) when the vulnerability is announced
- We appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions
Thank you for helping keep sigmap-pytools and our users safe!