| Version | Supported |
|---|---|
| latest release | Yes |
| older releases | No |
Only the most recent tagged release receives security updates.
If you discover a security vulnerability in this project, please report it responsibly.
Do not open a public issue.
Instead, use one of the following methods:
- GitHub Security Advisories (preferred): use the Report a vulnerability button on the Security tab of this repository.
- Email: contact the maintainers at sebastien.nedjar@univ-amu.fr.
Please include:
- A description of the vulnerability
- Steps to reproduce or a proof of concept
- The affected version(s)
- Any potential impact
We will acknowledge your report within 7 days and aim to provide a fix or mitigation within 30 days, depending on severity.
This policy covers the MicroPython driver library code in lib/ and the build/CI tooling. It does not cover:
- The MicroPython firmware itself (report upstream at micropython/micropython)
- The STeaMi board hardware
- Third-party dependencies (npm packages, Python packages — report upstream to the respective package maintainers)
This repository has the following GitHub security features enabled:
- Dependabot alerts for dependency vulnerability detection
- CodeQL analysis for static security analysis
- Secret scanning for detecting leaked credentials