We actively support the following versions of mvn-tree-visualizer:
| Version | Supported |
|---|---|
| 1.5.x | ✅ |
| 1.4.x | ✅ |
| 1.3.x | ❌ |
| 1.2.x | ❌ |
| 1.1.x | ❌ |
| 1.0.x | ❌ |
If you discover a security vulnerability in mvn-tree-visualizer, please report it to us responsibly.
- Do not create a public GitHub issue for security vulnerabilities
- Email us directly at: dyka3773@gmail.com
- Include the following information:
- Description of the vulnerability
- Steps to reproduce
- Affected versions
- Potential impact
- Suggested fix (if available)
- Acknowledgment: We will acknowledge receipt of your report as soon as possible (usually within 48 hours)
- Assessment: We will assess the vulnerability within 7 days
- Fix: We will work on a fix and release it as soon as possible
- Credit: We will credit you in the security advisory (unless you prefer to remain anonymous)
When using mvn-tree-visualizer:
- Keep updated: Always use the latest version
- Validate inputs: Be cautious with dependency files from untrusted sources
- File permissions: Ensure proper file permissions on generated outputs
- CI/CD: Use in secure CI/CD environments
This security policy applies to:
- The mvn-tree-visualizer Python package
- Official GitHub repository
- Documentation and examples
Thank you for helping keep mvn-tree-visualizer secure!