Skip to content

Security: beeware/toga

SECURITY.md

Security Policy

The BeeWare Projects team is strongly committed to responsible reporting and disclosure of security-related issues. As such, we’ve adopted and follow a set of policies which conform to that ideal and are geared toward allowing us to deliver timely security updates to the official distribution of BeeWare tools, as well as to third-party distributions.

Reporting security issues

Short version: please report security issues by emailing [email protected].

Most normal bugs in BeeWare are reported to our public Github issue trackers, but due to the sensitive nature of security issues, we ask that they not be publicly reported in this fashion.

Instead, if you believe you’ve found something in BeeWare which has security implications, please send a description of the issue via email to [email protected]. Mail sent to that address reaches the security team.

Once you’ve submitted an issue via email, you should receive an acknowledgment from a member of the security team within 48 hours, and depending on the action to be taken, you may receive further followup emails.

Supported versions

At present, the BeeWare team is only committed to providing security updates to the most recently released versions of our tools.

There aren’t any published security advisories