ExecuTrace/SECURITY.md

Security Policy

Supported Versions

We currently support security updates for the latest stable release on PyPI:

• exectrace-workflow latest version

Reporting a Vulnerability

Please do not open a public issue for security bugs.

Use one of these methods:

1. GitHub Security Advisories (preferred):
   • Go to Security tab in the repository
   • Click Advisories
   • Start a private vulnerability report
2. If advisories are unavailable, open a private report via repository maintainers.

Disclosure Timeline

1. We acknowledge reports within 72 hours.
2. We validate and reproduce the issue.
3. We prepare a fix and release patch.
4. We publish an advisory with credit (if requested).

Hall of Fame

Responsible reporters are credited on the project website under Security Hall of Fame after a fix is shipped.