mirror of
https://gh.wpcy.net/https://github.com/WeblateOrg/weblate.git
synced 2026-04-27 13:24:26 +08:00
48 lines
1.5 KiB
ReStructuredText
48 lines
1.5 KiB
ReStructuredText
Security and privacy
|
|
====================
|
|
|
|
.. tip::
|
|
|
|
At Weblate, security maintains an environment that values the privacy of our users.
|
|
|
|
Development of Weblate adheres to the `Best Practices of the Linux Foundation's Core Infrastructure Initiative <https://bestpractices.coreinfrastructure.org/projects/552>`_.
|
|
|
|
.. seealso::
|
|
|
|
:ref:`security`
|
|
|
|
Security updates
|
|
----------------
|
|
|
|
Only the latest release is guaranteed to receive security updates.
|
|
|
|
Tracking dependencies for vulnerabilities
|
|
-----------------------------------------
|
|
|
|
Security issues in our dependencies are monitored using `Dependabot`_. This
|
|
covers the Python and JavaScript libraries, and the latest stable release has
|
|
its dependencies updated to avoid vulnerabilities.
|
|
|
|
.. hint::
|
|
|
|
There might be vulnerabilities in third-party libraries which do not affect
|
|
Weblate, so those are not addressed by releasing bugfix versions of Weblate.
|
|
|
|
Docker container security
|
|
-------------------------
|
|
|
|
The Docker containers are regularly scanned using `Anchore`_ and `Trivy`_
|
|
security scanners.
|
|
|
|
This allows us to detect vulnerabilities early and release improvements quickly.
|
|
|
|
You can get the results of these scans at GitHub — they are stored as artifacts
|
|
on our CI in the SARIF format (Static Analysis Results Interchange Format).
|
|
|
|
.. seealso::
|
|
|
|
:ref:`ci-tests`
|
|
|
|
.. _Dependabot: https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates
|
|
.. _Anchore: https://anchore.com/
|
|
.. _Trivy: https://github.com/aquasecurity/trivy
|
