Skip to content

Security: pyca/service-identity

.github/SECURITY.md

Security Policy

Supported Versions

We are following Calendar Versioning with generous backwards-compatibility guarantees. Therefore we only support the latest version.

That said, you shouldn't be afraid to upgrade if you're only using our documented public APIs and pay attention to DeprecationWarnings. Whenever there is a need to break compatibility, it is announced in the changelog and raises a DeprecationWarning for a year (if possible) before it's finally really broken.

Reporting a Vulnerability

To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.

There aren’t any published security advisories