Skip to content

Security: bevry/envfile

SECURITY.md

Security Policy

Security Practices

This project meets standardized secure software development practices, including 2FA for all members, password managers with monitoring, secure secret retrieval instead of storage. Learn about our practices.

Supported Versions

This project uses Bevry's automated tooling to deliver the latest updates, fixes, and improvements inside the latest release while still maintaining widespread ecosystem compatibility.

Refer to supported ecosystem versions: Editions section in README.md

Refer to automated support of ecosystem versions: boundation entries in HISTORY.md

Besides testing and verification, out CI also auto-merges Dependabot security updates and auto-publishes successful builds of the master branch to the next version tag, offering immediate resolutions before scheduled maintenance releases.

Reporting a Vulnerability

Report the vulnerability to the project owners.

Report the vulnerability to Tidelift.

There aren’t any published security advisories