Skip to content

Commit

Permalink
Update SECURITY.md
Browse files Browse the repository at this point in the history
Signed-off-by: SR Murthy <[email protected]>
  • Loading branch information
sr-murthy authored Jul 18, 2024
1 parent fa84f04 commit ce874ca
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@

## Supported Versions

The package currently only uses Python standard libraries (see the [project TOML](https://github.com/sr-murthy/continuedfractions/blob/main/pyproject.toml)), and has no 3rd party dependencies. Security / vulnerability alerts related to [Python itself](https://www.cvedetails.com/vulnerability-list/vendor_id-10210/product_id-18230/Python-Python.html) would be addressed within Python.
Only Python standard libraries are used (see the [project TOML](https://github.com/sr-murthy/continuedfractions/blob/main/pyproject.toml)) - no 3rd party dependencies are involved. Security / vulnerability alerts related to [Python itself](https://www.cvedetails.com/vulnerability-list/vendor_id-10210/product_id-18230/Python-Python.html) would be addressed within Python.

A listing of current security / vulnerability alerts is available via [Dependabot](https://github.com/sr-murthy/continuedfractions/security) - these are usually related to sub-dependencies of optional or development dependencies, and are addressed via dedicated PRs as they arise.
In general, security / vulnerability alerts are managed via [Dependabot](https://github.com/sr-murthy/continuedfractions/security) alerts - these are usually related to sub-dependencies of optional or development dependencies, and are addressed via PRs as they arise.

The repository is enabled with a number of features to ensure security, including [CodeQL analysis](https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql),
[Dependabot alerts](https://docs.github.com/en/code-security/dependabot/dependabot-alerts/about-dependabot-alerts) and [secrets scanning](https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning).
Expand Down

0 comments on commit ce874ca

Please sign in to comment.