Thank you for helping keep the ⚒️ Object Mother Pattern package and its users safe. We take security issues seriously and appreciate responsible disclosures.
Please do NOT open public issues for security reports. Use one of the private channels below so we can coordinate a safe disclosure.

| Channel | How it works |
|---|---|
| GitHub Security Advisory | 1. Navigate to the repository's “Security → Advisories” tab. 2. Click “Report a vulnerability” and fill in the form. |

Include the following, if possible:
- A concise description of the issue and its impact.
- Reproduction steps or a proof-of-concept script.
- Any mitigation ideas you've identified.

After we receive a report, we will:
- Acknowledge the report within 24–48 hours.
- Triage & validate the issue; request additional info if needed.
- Fix & prepare: develop a patch and regression tests.
- Coordinate release:
  - Agree on a disclosure date with the reporter (usually ≤ 30 days).
  - Publish a CVE (if applicable) and a new PyPI release.
  - Post a security advisory and update CHANGELOG.
- Credit the reporter (optional & with consent).

We kindly ask you to:
- Allow us reasonable time to remediate before any public disclosure.
- Avoid violating user privacy, destroying data, or disrupting production services while researching.
- Test only on your own instances or in minimal, isolated cases.
We are committed to keeping this project and its users safe and will strive to resolve all legitimate reports swiftly and transparently.
Thank you for keeping the ⚒️ Object Mother Pattern package community secure! 🔐