Security policy

This document outlines security procedures and general policies for CovsirPhy project.

Supported versions

Please use the latest stable version or development version of CovsirPhy.

  • The latest stable version: pip install --upgrade covsirphy

  • The latest development version: pip install --upgrade "git+https://github.com/lisphilar/covid19-sir.git#egg=covsirphy"

The details are in Installation guide.

Reporting a vulnerability

The development team and community take all vulnerability in CovsirPhy project seriously. If you find any bugs, please kindly notify via Issues of CovsirPhy or e-mails to the author Hirokazu Takaya. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.

Please report security bugs in dependencies or datasets to the person or team maintaining the module.

Disclosure policy

When the development team receives a security bug report, they will coordinate the fix and release process, involving the following steps:

  • Confirm the problem and determine the affected versions.

  • Audit code to find any potential similar problems.

  • Prepare fixes for the latest releases.

The author (Hirokazu Takaya) releases the next version as soon as possible to fix the bug.

Comments on this policy

If you have suggestions on how this process could be improved, please submit a pull request.

Note: SECURITY.md at https://github.com/standard/.github/blob/master/SECURITY.md was used as the template of this security policy. Thank you.