Skip to content

Security: 444B/streamlit-analytics2

.github/SECURITY.md

Security Policy

Supported Versions of streamlit-analytics2

Version Supported
>= 0.4.3
<= 0.4.2

Reporting a Vulnerability

The streamlit-analytics2 team takes security bugs seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

To report a security issue, please email us at [[email protected]]. We'll endeavor to respond quickly, and will keep you updated throughout the process.

Security Analysis Tools

  • Dependabot: We use Dependabot to automatically scan for vulnerabilities in our dependencies. It helps us to keep our project secure by updating dependencies to more secure versions.
  • CodeQL Analysis: For each release, we perform CodeQL analysis to identify vulnerabilities in our codebase. This ensures that the code meets our security standards.

Contributions

While we encourage public contributions, it's important to note that each contribution will be reviewed for security implications. Contributors are encouraged to follow our contribution guidelines.

Disclaimer

Please note that streamlit-analytics2 is provided on a "best effort" basis. The maintainers take no responsibility for any direct or indirect damage caused due to the usage of this software. Users should understand the risks associated with using open-source software. We will address security issues to the best of our abilities as soon as they are brought to our attention.

Handling Security Issues

  • Security issues in streamlit-analytics2 will be addressed promptly upon discovery.
  • Please understand that we only address issues related to streamlit-analytics2 directly and have no control over the upstream streamlit-analytics project.
  • We commit to communicating with you throughout the resolution process.

Thank you for supporting streamlit-analytics2 and helping us make the open-source community a safer place.

There aren’t any published security advisories