Skip to content

Security: johnmikel/dataproduct-kit

Security

SECURITY.md

Security

Supported versions

dataproduct-kit is currently pre-1.0. Security fixes will target the latest main branch until versioned releases begin.

Reporting a vulnerability

Please do not open a public issue for a suspected vulnerability.

Use GitHub private vulnerability reporting if it is enabled for the repository, or contact the repository owner through their GitHub profile with:

  • A concise description of the issue.
  • Steps to reproduce.
  • Affected command or manifest field.
  • Any relevant sample files, using synthetic data only.

Data handling

The bundled demo data is synthetic. When reporting bugs, do not include private customer data, credentials, warehouse connection strings, or proprietary contracts.

There aren't any published security advisories