We take the security of Osaurus seriously. If you believe you have found a security vulnerability, please follow the process below.
main(development) — actively maintained- The latest tagged release — actively maintained
Older releases may not receive security updates.
Please do not disclose security issues publicly. Instead, use one of the following private channels:
- Open a private report via GitHub Security Advisories for this repository
- If you prefer email, contact the maintainers privately (do not use a public issue)
What to include in your report:
- A clear description of the issue and impact
- Steps to reproduce, including sample input and configuration
- Any known mitigations
We will acknowledge receipt within 72 hours, assess the impact, and work on a fix. We may request additional information for reproduction.
Once a fix is available, we will credit reporters who wish to be acknowledged and include mitigation instructions in the release notes when applicable.