Skip to content

Security: psychopathdev/voxavatar

Security

SECURITY.md

Security Policy

Supported versions

voxavatar is pre-1.0; security fixes are applied to the latest released version on the main branch.

Version Supported
0.3.x
< 0.3

Reporting a vulnerability

Please do not open a public issue for security problems. Instead, use GitHub's private security advisory form for this repository, or email the maintainer listed on the GitHub profile.

You can expect an acknowledgement within a few days. Once a fix is ready we'll coordinate a release and credit you in the changelog unless you prefer to stay anonymous.

Scope

The core library has no network or filesystem side effects beyond the WAV/CSV paths you pass it explicitly, and no runtime dependencies. The most likely security-relevant surface is a malicious WAV file fed to read_wav; reports about parsing behaviour there are welcome.

There aren't any published security advisories