Python
/
uv
mirror of https://github.com/astral-sh/uv
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add CVE disclosure to security policy (#11037)

This commit is contained in:
Zanie Blue 2025-01-28 14:36:53 -06:00 committed by GitHub
parent f1840c77b6
commit a9f35523c9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
SECURITY.md
View File

@ -21,3 +21,8 @@ If you have found a possible vulnerability that is not excluded by the above
While we sincerely appreciate and encourage reports of suspected security problems, please note that While we sincerely appreciate and encourage reports of suspected security problems, please note that
Astral does not currently run any bug bounty programs. Astral does not currently run any bug bounty programs.
## Vulnerability disclosures
Critical vulnerabilities will be disclosed via GitHub's
[security advisory](https://github.com/astral-sh/uv/security) system.