Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork939
Commitd6b678c
committed
Drop obsolete info on yanking from security policy
Versions may still be yanked for security reasons under specificcircumstances, but this is not the usual or most common practice inGitPython, at least currently. Recent security updates have notbeen accompanied by yanking older versions, and allowing theseversions to be selected automatically even when not called forspecifically can be good, such as to prevent an even older versionwith even more vulnerabilities from being installed in situationswhere for some reason the latest version is not yet being used.In general, users shouldn't (and don't) assume all non-yankedversions to be free of security fixes that later versions havereceived. This change updates SECURITY.md to avoid giving thatimpression, but of course some versions of GitPython may still beyanked in the future if circumstances warrant it.1 parent1e7d885 commitd6b678c
1 file changed
+1
-2
lines changedLines changed: 1 addition & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2 | 2 | | |
3 | 3 | | |
4 | 4 | | |
5 | | - | |
6 | | - | |
| 5 | + | |
7 | 6 | | |
8 | 7 | | |
9 | 8 | | |
| |||
0 commit comments
Comments
(0)