Security fixes are made on the default branch. If releases are cut in future, only the latest release line will be supported.
This pipeline processes user-supplied FASTQ, CSV, GTF, reference-index and path inputs. If you find a vulnerability such as unsafe path handling, unintended file overwrite, container escape risk, or credential leakage in cloud execution, do not open a public issue.
Email: evk23umu@uea.ac.uk
Subject: rnaseq-nextflow security: <short description>
Please include:
- A minimal reproduction command or config
- Operating system and Nextflow version
- Whether Docker, Singularity, local, or AWS Batch was used
- Expected impact
I aim to respond within 7 days. Public correctness bugs, failed runs, and feature requests should be opened as GitHub issues.
Do not attach patient-level FASTQ files, clinical metadata, access keys, S3 bucket names, or private sample sheets to public issues. Use synthetic data or redacted paths wherever possible.