| Version | Supported |
|---|---|
| 0.1.x | ✅ |

If you discover a security vulnerability, please report it responsibly.
Do not open a public issue.

Email security concerns to dev@systemblue.io with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)

We will acknowledge receipt within 48 hours and provide a timeline for a fix. Security patches are prioritized over all other work.

sounddiff processes audio files from disk. Relevant security concerns include:
- Path traversal in file handling
- Denial of service via malformed audio files
- Dependency vulnerabilities
- Secret leakage in CI/CD

We run gitleaks in CI and as a pre-commit hook to prevent accidental secret commits.