If you discover a security vulnerability in PAGI, please report it privately rather than opening a public issue.
Contact options:
- Email: jjnapiork@cpan.org (preferred)
- GitHub Security Advisories: Use the "Report a vulnerability" button in the Security tab of this repository
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
During the 0.x development phase, only the latest release receives security updates. Once PAGI reaches 1.0, a formal support policy will be established.
PAGI is non-commercial open source software, exempt from EU Cyber Resilience Act (CRA) requirements. Organizations integrating PAGI into commercial products are responsible for their own regulatory compliance.