| Version | Supported |
|---|---|
| 2.0.x | ✅ Active development |
| 1.1.x | ✅ Security patches only |
| 1.0.x | ❌ End of life |
| < 1.0 | ❌ End of life |
If you discover a security vulnerability in PiMD, please do NOT open a public issue. Instead, report it privately via one of these methods:
- GitHub Security Advisory: Navigate to https://github.com/devasishpal/PiMd/security/advisories/new
- Email: Contact the maintainers directly through GitHub.
- Direct message: Reach out to the repository owner on GitHub.
We will acknowledge receipt within 48 hours and provide an estimated timeline for a fix. Security fixes are prioritized and released as patch versions.
When reporting a vulnerability, please include:
- Description of the vulnerability
- Steps to reproduce
- PiMD version affected
- Python version and operating system
- Any potential impact or exploit scenarios
PiMD includes a built-in safety layer (pimd.safety) that enforces limits on:
- File size: Maximum input file size (configurable, default 100 MB via
PIMD_SECURITY_MAX_INPUT_SIZE_MB) - Text size: Maximum text length for in-memory conversion
- Block count: Maximum number of document blocks (default 100,000 via
PIMD_SECURITY_MAX_DOCUMENT_BLOCKS) - Nesting depth: Maximum nesting depth for includes (default 100 via
PIMD_SECURITY_MAX_NESTING_DEPTH) - Image size: Maximum image file size (default 10 MB via
PIMD_SECURITY_MAX_IMAGE_SIZE_MB) - Path traversal: Blocked path patterns prevent directory traversal attacks
- URL scheme whitelisting: Only allowed URL schemes are processed
- Null byte detection: Input is scanned for null byte injection
- Allowed/blocked paths: Configure allowlists and blocklists for file include directives
from pimd.safety import SafetyLimits
# Use strict limits (recommended for untrusted input)
limits = SafetyLimits.strict()
# Use permissive limits (for trusted internal documents)
limits = SafetyLimits.permissive()
# Custom limits
limits = SafetyLimits(
max_input_size_mb=10,
max_nesting_depth=20,
max_document_blocks=50000,
max_image_size_mb=5,
)All safety limits can be configured via environment variables:
| Variable | Default | Description |
|---|---|---|
PIMD_SECURITY_MAX_INPUT_SIZE_MB |
100 | Maximum input file size in MB |
PIMD_SECURITY_MAX_NESTING_DEPTH |
100 | Maximum nesting depth |
PIMD_SECURITY_MAX_DOCUMENT_BLOCKS |
100000 | Maximum document blocks |
PIMD_SECURITY_MAX_IMAGE_SIZE_MB |
10 | Maximum image file size |
PIMD_SECURITY_ALLOWED_PATHS |
[] | Allowed paths for includes (JSON array) |
PIMD_SECURITY_BLOCKED_PATHS |
[] | Blocked paths for includes (JSON array) |
The RemoteAssetManager (pimd.remote_assets) provides:
- Domain allowlists: Restrict asset downloads to trusted domains
- SSL verification: Configurable SSL verification for HTTPS downloads
- Size limits: Maximum file size enforcement for downloads
- Offline mode: Block all remote requests, use cached assets only
- SHA256 verification: Content-addressable caching prevents tampering
- All dependencies are pinned via
pyproject.tomlwith minimum versions - Regular dependency updates via Dependabot (if enabled on the repository)
- No cloud or network dependencies in the core package (offline-first)
- Config files (
.pimdconfig) are project-local and should not contain secrets - Environment variables (
PIMD_*) are the recommended way to inject sensitive configuration - Config file paths are validated to prevent directory traversal
- Plugins run with the same privileges as the host process
- Only install plugins from trusted sources
- Review plugin source code before installation
- The Plugin Manager validates plugin metadata on load
We follow a 90-day disclosure timeline for security vulnerabilities:
- Reporter submits vulnerability (day 0)
- We acknowledge and triage (day 0-2)
- Fix developed and tested (day 1-30)
- Patch released (day 30)
- Public disclosure after 90 days, or earlier if a patch is available