We support the following versions of ImportSpy with security updates:
| Version | Supported |
|---|---|
| 0.1.6+ | ✅ Supported |
| < 0.1.6 | ❌ Not supported |
If you find a security vulnerability in ImportSpy, please help us protect our users by following these steps:
-
Do not open a public issue. To avoid exploitation of the vulnerability before it is resolved, please refrain from posting details publicly.
-
Contact the maintainer by emailing [email protected]. Provide detailed information about the vulnerability and steps to reproduce it.
-
Response time: You can expect a response within 48 hours. We will acknowledge your report and provide a timeline for the investigation and any necessary fixes.
-
Responsible disclosure: After the issue has been fixed, we will notify you prior to publicly releasing the solution. We appreciate your cooperation in maintaining the security of the project.
All security-related updates are managed through Dependabot and manual reviews. Please keep your project updated by following the latest releases.
To ensure the security of your project:
- Keep your dependencies up to date.
- Regularly audit your code and dependencies for vulnerabilities.
- Carefully review changes to pyproject.toml before merging.
Thank you for contributing to the security of ImportSpy!