Only the latest minor release receives security fixes. Older minor versions are not patched.
| Version | Supported |
|---|---|
| latest | Yes |
| older | No |
Please do not open a public GitHub issue for security vulnerabilities.
Use GitHub Private Vulnerability Reporting to report issues confidentially:
- Go to the repository's Security tab: https://github.com/nightwing-us/mcpyida/security
- Click "Report a vulnerability".
- Fill in the details and submit.
Your report is visible only to repository maintainers until a fix is published.
We aim to acknowledge all reports within 5 business days. Complex vulnerabilities may take longer to investigate and patch; we will communicate status updates through the private advisory thread.
We follow coordinated disclosure:
- The maintainer acknowledges the report.
- A fix is developed and tested privately.
- A patched release is published.
- A public advisory is issued (GitHub Security Advisory) after the fix is available, giving users time to upgrade.
We ask reporters to keep vulnerability details private until the advisory is published. We will credit reporters in the advisory unless they prefer to remain anonymous.