Thank you for helping to keep DNA Encryption Algorithm and its users safe! This document explains how to report vulnerabilities, our disclosure process, and supported versions.
Please do not open public issues or pull requests for security problems. Instead, email dev.adak.ie@outlook.com with the details:
- Affected version(s) and environment (OS, Python, etc.)
- Steps to reproduce or proof‑of‑concept code
- Expected vs. actual behavior
- Any potential fix suggestions
We appreciate clearly written reports and will respond within 72 hours to acknowledge receipt.
PGP users: our public key is available at
security/pgp.asc(fingerprint TBD).
- Initial Triage – We verify and reproduce the issue.
- Acknowledgment – We contact the reporter with an ETA.
- Fix Development – Work on a patch and regression tests.
- Coordinated Release – Publish a new version & security advisory.
- Credit – Unless requested otherwise, we credit reporters in the changelog.
We aim to release patches within 14 days of confirmation for critical issues.
| Severity | Initial Response | Target Fix | Public Advisory |
|---|---|---|---|
| Critical | 24 h | 7 days | With patch |
| High | 48 h | 14 days | With patch |
| Medium | 3 d | Next minor | Next release |
| Low | 5 d | Next minor | At release |
We have enabled GitHub’s Private Vulnerability Reporting feature. If you prefer, click "Report a vulnerability" on the repository homepage to submit confidentially.
Security researchers and users make this project stronger. Your efforts are greatly appreciated! <3