Skip to content

Security: jamesa94/resona

Security

SECURITY.md

Security Policy

Supported Versions

resona is pre-1.0; security fixes are applied to the latest released minor version on the main branch.

Version Supported
0.3.x
< 0.3

Reporting a Vulnerability

Please do not open a public issue for security problems.

Instead, use GitHub's private vulnerability reporting: Security → Report a vulnerability on the repository, or email the maintainer listed on the GitHub profile.

When reporting, include:

  • a description of the issue and its impact,
  • steps to reproduce or a proof of concept,
  • affected versions.

You can expect an initial acknowledgement within a few days. Once a fix is ready, we will coordinate a release and credit the reporter unless anonymity is requested.

Scope

resona executes model code and reads audio files you point it at. Treat untrusted checkpoints and audio as you would any untrusted input, and prefer running training/evaluation in an isolated environment.

There aren't any published security advisories