We actively support the following versions of pangeo-pyinterp with security updates:
| Version | Supported |
|---|---|
| 2025.x | ✅ |
| < 2025 | ❌ |
We typically support the current year's releases. Older versions may not receive security updates.
If you discover a security vulnerability in pangeo-pyinterp, please report it responsibly:
Please report security vulnerabilities by emailing the maintainers or by opening a private security advisory on GitHub:
- GitHub Security Advisory (preferred): Navigate to the Security tab of this repository and click "Report a vulnerability"
- Email: Contact the project maintainers directly (see CONTRIBUTING.md for contact information)
When reporting a vulnerability, please include:
- A description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes (if available)
- Initial Response: We aim to acknowledge receipt of your vulnerability report within 5 business days
- Status Updates: We will provide updates on our investigation as the work progresses
- Resolution: We will work to address confirmed vulnerabilities in a reasonable timeframe depending on severity and complexity
- If Accepted: We will work with you to understand the issue, develop a fix, and coordinate disclosure. You will be credited for the discovery (unless you prefer to remain anonymous)
- If Declined: We will provide an explanation of why we don't consider the reported issue to be a security vulnerability
Thank you for helping keep pangeo-pyinterp and its users secure!