We believe that security is a collective responsibility within the Data Science Workbook community. Every contribution, issue tracking, and interaction is a collective effort to maintain the integrity and safety of our platform, ensuring it remains a trusted and secure environment for all users.
The DSW team and community take security bugs in Data Science Workbook seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
To report a security issue, please use the GitHub Security Advisory Security tab and craft a report following the structure provided in the description field template.:
### Summary
Short summary of the problem. Make the impact and severity as clear as possible.
For example: An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server.
### Details
Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer.
### PoC
Complete instructions, including specific configuration details, to reproduce the vulnerability.
### Impact
What kind of vulnerability is it? Who is impacted?
The DSW team will send a response indicating the next steps in handling your report. After the initial reply to your report, we will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.
To learn more about securing an Electron application, please see the security tutorial by Electron framework.