Skip to content

Security: eventum-generator/eventum

SECURITY.md

Security Policy

Supported versions

Eventum is distributed on PyPI and Docker Hub. Fixes are released in new versions, so security support targets the latest release.

Version Supported
Latest release Yes
Older releases No

If you are affected by a vulnerability, the first step is to update to the latest release.

Reporting a vulnerability

Please do not report security vulnerabilities through public issues, discussions, or pull requests.

Report privately through one of these channels:

Please include as much of the following as you can:

  • A description of the vulnerability and its impact.
  • The Eventum version and how you run it (pip, uv, Docker, or from source).
  • Steps to reproduce, ideally with a minimal config, template, or proof of concept.
  • Any relevant logs, stack traces, or affected components.

What to expect

  • We will acknowledge your report as soon as possible and let you know the next steps.
  • We will keep you informed as we investigate and work on a fix.
  • We follow coordinated disclosure: please give us reasonable time to release a fix before any public disclosure. We are happy to credit you once the issue is resolved, unless you prefer to remain anonymous.

Thank you for helping keep Eventum and its users safe.

There aren't any published security advisories