oatf 0.4.0

Rust SDK for the Open Agent Threat Format (OATF)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

# Security Policy

## Supported Versions

| Version | Supported |
|---------|-----------|
| 0.4.x   | Yes       |
| 0.3.x   | No        |
| < 0.3   | No        |

## Reporting a Vulnerability

Please report security vulnerabilities through
[GitHub private vulnerability reporting](https://github.com/oatf-spec/oatf-rs/security/advisories/new).

**Do not** open a public issue for security vulnerabilities.

## Response Timeline

- **Acknowledgment**: within 48 hours
- **Critical patches**: within 7 days
- **Coordinated disclosure**: 90 days

## Scope

This policy covers the `oatf` library crate. Issues in the OATF specification
itself should be reported to the [spec repository](https://github.com/oatf-spec/spec).