Rooba
/
attrs
mirror of https://github.com/python-attrs/attrs.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
attrs/.github/SECURITY.md

22 lines
937 B
Markdown
Raw Normal View History

Update SECURITY.md
2022-07-11 14:56:16 +00:00
# Security Policy
## Supported Versions
Typography
2022-09-12 13:09:34 +00:00
We are following [*CalVer*](https://calver.org) with generous backwards-compatibility guarantees.
Update SECURITY.md
2022-07-11 14:56:16 +00:00
Therefore we only support the latest version.
Move compat policy to SECURITY.md
2023-06-13 08:11:37 +00:00
Put simply, you shouldn't ever be afraid to upgrade as long as you're only using our public APIs.
Whenever there is a need to break compatibility, it is announced in the changelog, and raises a `DeprecationWarning` for a year (if possible) before it's finally really broken.
> **Warning**
> The structure of the `attrs.Attribute` class is exempt from this rule.
> It *will* change in the future, but since it should be considered read-only, that shouldn't matter.
>
> However if you intend to build extensions on top of *attrs* you have to anticipate that.
Update SECURITY.md
2022-07-11 14:56:16 +00:00
## Reporting a Vulnerability
Add SECURITY.yml
2020-07-21 14:25:16 +00:00
To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security).
Tidelift will coordinate the fix and disclosure.