Only the latest minor version is officially supported with security updates. Given this is a teaching and demonstration project, we encourage all users to stay on the latest version.
| Version | Supported |
|---|---|
| 0.2.x | ✅ |
| < 0.2.0 | ❌ |
We take security issues seriously, even for educational projects. Here's how to report security vulnerabilities:
- Critical/High Severity: Email [email protected]
- Low Severity: Open a GitHub issue with the "security" label
- Affected versions
- Steps to reproduce
- Impact assessment
- Possible mitigations (if any)
- Whether you'd like to be credited for the discovery
- Initial Response: Within 48 hours
- Status Update: Within 7 days
- Fix Timeline: Depends on severity
- Critical: Within 7 days
- High: Within 14 days
- Low: Next release cycle
When using this package, consider:
- Don't store sensitive data in sets
- Be aware of memory usage with large sets
- Consider implications of set operations in concurrent contexts
Security-related questions can be directed to: