Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This commit prepares the repository for the v3.0.0-alpha-2 releases and updates many of the manifest files. Changelist: - Update Python version in setup.cfg - Update version and dependency versions in setup-nightly.py - Add alpha releases to SECURITY.md and update codefactor.io to DeepSource - Update DeepSource Python runtime
- Loading branch information
1 parent
71a70a0
commit 43449d3
Showing
4 changed files
with
14 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -16,4 +16,4 @@ name = "python" | |
enabled = true | ||
|
||
[analyzers.meta] | ||
runtime_version = "3.x.x" | ||
runtime_version = "3.9.6" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,23 +1,24 @@ | ||
# Security Policy | ||
|
||
## Supported Versions | ||
|
||
The following versions will receive regular security updates: | ||
|
||
| Version | Supported | | ||
| ------- | ------------------ | | ||
| master-latest | ✔️ | | ||
| master-2.x.x | ✔️ | | ||
| nightly-alpha-latest | ✔️ | | ||
| nightly-latest | ✔️ | | ||
| master < 2.0 | :x: | | ||
| nightly < latest | :x: | | ||
|
||
## Reporting a Vulnerability | ||
|
||
The epispot team works as hard as possible to keep code clear of any vulnerabilities. | ||
Our steps include extensive CodeQL analysis, third-party open-source code analysis from tools like codefactor.io, and heavy unit testing. | ||
However, vulnerabilities will inevitably arise. If you see or suspect a vulnerability, epispot will fix it as fast as possible. | ||
The epispot team works as hard as possible to keep code clear of any vulnerabilities. Our steps include extensive CodeQL analysis, third-party open-source code analysis from tools like DeepSource, and heavy unit testing. However, vulnerabilities will inevitably arise. If you see or suspect a vulnerability, epispot will fix it as fast as possible. | ||
|
||
### Here's what to do if you've found a vulnerability: | ||
|
||
1. Open an issue and **@mention** a maintainer | ||
2. Title the issue "VULNERABILITY" but do not describe the vulnerability in the issue itself | ||
3. You will receive further instructions after completing (2) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters