We use dependabot for most of our dependencies tracking in Python and JavaScript modules.
The following versions of OpenISS are currently being supported with security updates:
| Version | Supported |
|---|---|
| HEAD | ✅ |
| <= v0.1.0-2018.02-java-js-ws | ❌ |
- For less severe and hard to exploit vulnerabilities in the context of OpenISS please create a pull request (e.g., after running
npm audit fix) with title to update dependencies. - The same applies if there are vulnerabilities in the git submodules linked in the repo.
- For C/C++/Python components, especially network- or driver-related that are developed by the OpenISS team or anything related, please reach out to mokhov at cse.concordia.ca
We should be able to respond within 24-48 hours. Thank you.