The Cytomining maintainers and community take security bugs seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
To report a security issue, please use the GitHub Security Advisory "Report a Vulnerability" tab within the related a related project. If you don't find the relevant project link below, please select one from the below and specify in the form fields to which project the issue pertains.
A number of development-only dependencies are included with Cytomining projects for maintenance and testing purposes.
Please see, for example, project pyproject.toml table [tool.poetry.dependencies] for a list of non-development dependencies and [tool.poetry.group.dev.dependencies] for a list of development dependencies.
Development dependencies are by default not shipped with distributed versions of the code for this project (for example, distributed code on PyPI).
Just the same, we strongly recommend validating included dependencies and potential vulnerabilities for your environment as well as relevant policy requirements.