Skip to content

Security: IBM/oper8

Security

SECURITY.md

Security Policy

This security policy applies to the oper8 python library and source code.

Supported Versions

The Oper8 project provides community support only for the last minor version: bug fixes are released either as part of the next minor version or as an on-demand patch version. Independent of which version is next, all patch versions are cumulative, meaning that they represent the state of our main branch at the moment of the release. For instance, if the latest version is 0.10.0, bug fixes are released either as part of 0.11.0 or 0.10.1.

Security fixes are given priority and might be enough to cause a new version to be released.

Reporting a Vulnerability

To report a security issue, please email the CODEOWNERS with a description of the issue, the steps you took to create the issue, affected versions, and if known, mitigations for the issue.

Our maintainers will acknowledge receiving your email within 3 working days. It follows a 90 day disclosure timeline.

There aren’t any published security advisories