Skip to content

Security Policy

Supported versions

Only the latest released version receives security fixes.

Reporting a vulnerability

Please do not open a public GitHub issue for security vulnerabilities.

Report vulnerabilities privately via GitHub Security Advisories.

Include as much detail as you can:

  • A description of the vulnerability and its potential impact
  • Steps to reproduce or a minimal proof-of-concept
  • rowsmyth version, Python version and OS

You will receive a response within 48 hours. If the issue is confirmed, a patch will be released as soon as possible and you will be credited in the release notes unless you prefer to remain anonymous.