Skip to content

Security: ateeducacion/python-moodle

Security

SECURITY.md

Security Policy

Supported Versions

Only the latest version of the plugin is supported with security updates. python-moodle follows a rolling release model.

Version Supported
Latest
< 0.0.1

Reporting a Vulnerability

If you discover a security vulnerability, please report it privately and responsibly using one of the channels below. Do not report vulnerabilities via public GitHub issues, GitHub Discussions, or social media.

  • Preferred method: Use GitHub's Private Vulnerability Reporting — go to this repository's Security tab and select "Report a vulnerability". This creates a private GitHub Security Advisory that is visible only to maintainers and the reporter until a fix is coordinated.
  • Alternative: If the option above is unavailable to you (for example, you do not have a GitHub account, or the feature is not yet enabled on this repository), email the maintainer directly at info@ernesto.es.

What to include

  • Affected version, tag, or commit hash
  • Environment details (OS, Python version, Moodle version if relevant)
  • Steps to reproduce the issue
  • Impact and potential severity

What happens next

  • We aim to acknowledge your report within 3 working days.
  • We aim to investigate and patch confirmed vulnerabilities within 10 working days.
  • If the issue is critical and affects users broadly, we may issue a GitHub Security Advisory and notify via the GitHub releases page once a fix is available.

Note: The maintainer may enable GitHub's repository-level "Private vulnerability reporting" setting so the Security tab's native reporting form is available directly. This is a manual repository setting and not something this document can enable on its own.

There aren't any published security advisories