https://github.com/astropy/astropy
Tip revision: aa767bad4b6e0ad6e9ea98e271e6cc2c3425f08e authored by Thomas Robitaille on 04 April 2024, 11:23:59 UTC
Added contributor statistics and names
Added contributor statistics and names
Tip revision: aa767ba
SECURITY.md
# Security Policy
## Supported Versions
The table below indicates which versions of `astropy` are
currently being supported with security updates.
| Version | Supported |
| ------- | ------------------ |
| 6.1.x (main) | :white_check_mark: |
| 6.0.x | :white_check_mark: |
| < 6.0 | :x: |
## Reporting a Vulnerability
[GitHub private security vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability)
should be enabled for `astropy`. But if that does not work for whatever reason, please report to the
[@astropy/security-team](https://github.com/orgs/astropy/teams/security-team) that is also listed on the [Astropy Team listing](https://www.astropy.org/team).
We will respond as soon as we are able. If vulnerability is accepted, we will work on a hotfix.
The timing depends on the available resources and the severity/risk of the vulnerability.
If a vulnerability is declined, we will take no further action as far as code is concerned. Either way, we will communicate back to you.
Thank you for your help!