Skip to content

Security: glatterf42/message_ix

Security

.github/SECURITY.md

Security Policy

As careful and community-oriented maintainers, we strive to keep our code safe to use for everyone. For this purpose, we highly value your input and will acknowledge your contributions as best we can.

Supported Versions

Unfortunately, the resources available for maintaining message_ix do not allow us to:

  • Support multiple versions at once.
  • Publish maintenance updates for older versions. For example, once message_ix version 3.10 is released, no further patch versions like 3.8.x, 3.9.x, etc. are possible.

We generally develop our main branch and so to get the version of our code that contains all currently available security updates, please install our code from source using the main branch. Please reach out to us if you encounter any issues in doing so.

If this is not an option, please ensure you are using the latest release of our code to profit from as many security updates as possible. message_ix is generally released twice a year, but may make additional releases on a shorter time line if necessary to mitigate critical vulnerabilities.

Reporting a Vulnerability

To report a security issue, please use the GitHub Security Adivsory "Report a vulnerability" tab. We will try to respond to your report as soon as possible with our and your next steps. If you wish, we will keep you informed about any progress until the vulnerability is fixed.

There aren’t any published security advisories