Skip to content

Security: MarwaBS/schema-firewall

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
0.1.x Yes
< 0.1 No

Reporting a Vulnerability

Please report security vulnerabilities through GitHub's private security advisory feature.

Do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Expected initial response: within 7 days.

Scope

schema-firewall is a validation library -- it inspects DataFrames and pipeline functions you pass to it. It does not execute arbitrary code, open network sockets, or persist data. Plausible vulnerability classes are limited to:

  • Crashes or hangs on adversarial input frames.
  • False negatives where a known-leaky pipeline passes a check.
  • Dependency-chain issues inherited from numpy, pandas, or scikit-learn.

Anything outside that surface is out of scope.

There aren't any published security advisories