File tree 2 files changed +30
-0
lines changed
2 files changed +30
-0
lines changed Original file line number Diff line number Diff line change 1+ # Security Policy
2+
3+ ## Supported Versions
4+
5+ Only the latest release is supported.
6+
7+ ## Reporting a Vulnerability
8+
9+ To report an issue, go to https://github.com/python/typing_extensions/security .
10+ We commit to respond to any issue within 14 days and promptly release any fixes.
Original file line number Diff line number Diff line change @@ -1216,3 +1216,23 @@ versions of Python, but all are listed here for completeness.
12161216 See :py:func: `typing.no_type_check_decorator `.
12171217
12181218 .. versionadded :: 4.7.0
1219+
1220+ Security
1221+ --------
1222+
1223+ ``typing_extensions `` is among the most widely used packages in the
1224+ Python ecosystem. Therefore, we take security seriously and strive
1225+ to use a transparent, secure release process.
1226+
1227+ We commit to the following in order to keep the package secure in the
1228+ future:
1229+
1230+ * ``typing_extensions `` will never include any native extensions, only
1231+ pure Python code.
1232+ * ``typing_extensions `` will not have any third-party dependencies.
1233+ * We will follow best practices for a secure release process.
1234+
1235+ If you have any feedback on our security process, please `open an issue
1236+ <https://github.com/python/typing_extensions/issues/new> `__. To report
1237+ an issue privately, use `GitHub's private reporting feature
1238+ <https://github.com/python/typing_extensions/security> `__.
You can’t perform that action at this time.
0 commit comments