We provide security updates for our latest stable release series.
To report a security vulnerability, please use the GitHub Security advisory system or email security@sensible-analytics.com.
You should receive a response within 48 hours. If you do not, please follow up via email to ensure we received your original message.
Please include the following information with your report:
- Project name and version affected
- Detailed description of the vulnerability
- Steps to reproduce
- Potential impact
- Any mitigating factors you are aware of
We follow responsible disclosure practices and will work with you to resolve vulnerabilities promptly.
We recommend all users follow these security practices:
- Keep dependencies up to date
- Use least privilege principles
- Validate and sanitize all inputs
- Use secure defaults
- Conduct regular security audits
Security Maintainer: security@sensible-analytics.com