Which versions of argopy are currently being supported with security updates:
| Version | Supported |
|---|---|
| master branch | ✅ |
| others | ❌ |
In other words, argopy releases that can be installed through the pypi and conda distribution channels are NOT updated with regard to security issues.
Once a security issue has been reported (see below) and addressed in a specific PR, only an argopy installation from the master branch will benefit from it.
Depending on the severity of the security vulnerability, a new release may be published.
If you need to report a vulnerability, please login with your Github account and fill in a draft security advisory here: https://github.com/euroargodev/argopy/security/advisories/new
The argopy team should get back to you in a timely manner depending on the severity of the reported vulnerability.