The following includes the supported versions in case security issues occur in yt_libyt and provides instructions on how to report them.
| Version | Supported |
|---|---|
| 0.x | ✅ |
If you discover a security vulnerability, please report it responsibly. Do not create a public GitHub issue.
-
Email:
turquoisea.tsai@gmail.com -
Title:
[yt_libyt vulnerability] Title -
Include the following in the report:
- Description of the vulnerability - Steps to reproduce - Affected versions or components - Does it impact the HPC clusters - Any known exploits or impacts
We aim to respond to the vulnerability reports within 24 hours. Once validated, we will coordinate a fix and publish it as soon as possible.
We follow a coordinated disclosure process. This means we will fix the issue privately before disclosing it publicly. If the vulnerability is critical and has no known fix, we may delay disclosure until a patch is ready.