Use this section to tell people about which versions of your project are currently being supported with security updates.
| Version | Supported |
|---|---|
| 5.1.x | ✅ |
| 5.0.x | ❌ |
| 4.0.x | ✅ |
| < 4.0 | ❌ |
Audit reports are published in the docs folder
| Scope | Date | Report Link |
|---|
Please do not file a public ticket mentioning the vulnerability.
To find out how to disclose a vulnerability in astranet email [email protected]. Please read the [disclosure page] for more information about publicly disclosed security vulnerabilities.
Use the built-in ast version-check feature to check whether the software is affected by any known vulnerability. This command will fetch the latest [vulnerabilities.json] file which contains known security vulnerabilities concerning ast, and cross-check the data against its own version number.
The following key may be used to communicate sensitive information to developers.
Fingerprint:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.6
Comment: Hostname: pgp.mit.edu