SO101-Nexus is pre-1.0 and under active development. Security fixes are applied to
the latest released minor version, currently the 0.4.x series. Please upgrade to
the most recent release before reporting an issue.
| Version | Supported |
|---|---|
| 0.4.x | Yes |
| < 0.4 | No |
Please do not report security vulnerabilities through public GitHub issues.
Instead, use GitHub's private vulnerability reporting: open the repository's Security tab and choose Report a vulnerability. This opens a private advisory visible only to the maintainers.
Include as much detail as you can:
- A description of the vulnerability and its impact.
- Steps to reproduce, or a proof of concept.
- Affected versions and environment (operating system, Python version, backend).
- Acknowledgement of your report, typically within a few days.
- An assessment of the report and, if confirmed, a fix targeting the supported release series.
- Coordinated disclosure: we will agree on a timeline before any public detail is shared, and credit you in the advisory unless you prefer to remain anonymous.