BREOS is pre-1.0 and under active development. Security fixes are applied to the latest released version only. Please make sure you are on the most recent release before reporting an issue.
| Version | Supported |
|---|---|
| 0.2.x | ✅ |
| < 0.2 | ❌ |
Please do not open a public GitHub issue for security vulnerabilities.
Report privately through one of the following channels:
- GitHub Security Advisories — use the "Report a vulnerability" button on the repository's Security tab (preferred).
- Email — lrodrigues@fe.up.pt with the subject line
BREOS security.
Please include:
- A description of the vulnerability and its potential impact.
- Steps to reproduce, or a proof of concept.
- The BREOS version and Python version affected.
You can expect an acknowledgement within a few business days. Once the issue is confirmed, we will work on a fix, coordinate a release, and credit you in the advisory unless you prefer to remain anonymous.