Wickra

Appearance

Security

Found a vulnerability in Wickra? Please do not open a public issue.

Report it privately through one of:

  • GitHub's private vulnerability reporting — open the affected repository's Security tab and choose "Report a vulnerability", or
  • email support@wickra.org with a subject line starting with [wickra security].

Please include the affected repository and version (or commit), a description of the issue and its impact, and steps to reproduce — ideally a minimal proof of concept.

What to expect

  • An acknowledgement within 5 working days.
  • An assessment and, if confirmed, a planned fix with a target release.
  • Coordinated disclosure: we agree on a disclosure date with you and credit you in the release notes unless you prefer to stay anonymous.

Scope

In scope: the source code, build and release workflows, and published artifacts of the wickra-lib repositories. Out of scope: vulnerabilities in third-party dependencies — report those upstream; we track them via Dependabot.

The full policy lives in the main repository's SECURITY.md.

CICodeQLcodecovGitHub releasecrates.ioPyPInpmNuGetMaven CentralGo moduler-universeLicense: MIT OR Apache-2.0OpenSSF ScorecardOpenSSF Best PracticesBuild provenanceVerified across 10 languages

Released under the MIT OR Apache-2.0 license — not a trading system, use at your own risk.

Copyright © 2026 kingchenc·Updated 22 Jun 2026·About·Privacy