Only the latest version of the plugin is supported with security updates. python-moodle follows a rolling release model.
| Version | Supported |
|---|---|
| Latest | ✅ |
| < 0.0.1 | ❌ |
If you discover a security vulnerability, please report it privately and responsibly using one of the channels below. Do not report vulnerabilities via public GitHub issues, GitHub Discussions, or social media.
- Preferred method: Use GitHub's Private Vulnerability Reporting — go to this repository's Security tab and select "Report a vulnerability". This creates a private GitHub Security Advisory that is visible only to maintainers and the reporter until a fix is coordinated.
- Alternative: If the option above is unavailable to you (for example, you do not have a GitHub account, or the feature is not yet enabled on this repository), email the maintainer directly at
info@ernesto.es.
- Affected version, tag, or commit hash
- Environment details (OS, Python version, Moodle version if relevant)
- Steps to reproduce the issue
- Impact and potential severity
- We aim to acknowledge your report within 3 working days.
- We aim to investigate and patch confirmed vulnerabilities within 10 working days.
- If the issue is critical and affects users broadly, we may issue a GitHub Security Advisory and notify via the GitHub releases page once a fix is available.
Note: The maintainer may enable GitHub's repository-level "Private vulnerability reporting" setting so the Security tab's native reporting form is available directly. This is a manual repository setting and not something this document can enable on its own.