If you discover a security vulnerability in Ansel, please report it by opening a GitHub issue or emailing fosterdill@gmail.com.
Please include:
- A description of the vulnerability
- Steps to reproduce
- The affected version
Only the latest release is currently supported with security updates.
| Version | Supported |
|---|---|
| latest | ✅ |
| < latest | ❌ |
Ansel operates on local filesystems only — it does not send data over the network. The application runs with the user's own filesystem permissions.
If you have granted Full Disk Access (macOS) or run as Administrator (Windows), Ansel can scan and unlink files from protected directories. Exercise caution using the cleanup queue on system directories.
- GitHub Actions workflows pin dependencies by commit hash
- Dependabot is enabled for automated dependency updates
- CodeQL SAST runs on every push to
mainand weekly - OpenSSF Scorecard analysis runs weekly
English is preferred for all communications.