Only the latest major version of Repid is currently supported for security updates.
| Version | Supported |
|---|---|
| 2.x.x | ✅ |
| < 2.x.x | ❌ |
If you discover a potential security vulnerability, please report it immediately by emailing me@aleksul.space. Please be as detailed as possible, providing step-by-step instructions to reproduce the issue. Including a Minimal Reproducible Example (MRE) is highly appreciated.
The author (@aleksul) will review your report thoroughly and respond as soon as possible.
Please refrain from publicly discussing potential security vulnerabilities before they are resolved.
It is critically important to discuss such issues privately first. This ensures a patch can be developed and distributed, mitigating potential impacts on users.
Repid integrates with various message brokers. Some protocol implementations are native to Repid, while others rely on external libraries.
If a security issue originates in an external dependency or the broker itself, please report it directly to the respective maintainers.
| Integration | Where Maintained |
|---|---|
| AMQP 1.0 | In Repid |
| GCP Pub/Sub | In Repid / grpcio / google-auth |
| Amazon SQS | aiobotocore |
| Redis | redis-py |
| NATS | nats-py |
| Kafka | aiokafka |