There are multiple projects in this repo. Versions are released as tags with a prefix to denote which project is targeted.
We actively support security updates for the following versions:
| Version | Supported |
|---|---|
| medcat/v2.x.x | ✅ |
| medcat/v1.x.x | ✅ |
| < 1.0 | ❌ |
| Version | Supported |
|---|---|
| MedCATTrainer/v2.x.x | ✅ |
| < 2.0 | ❌ |
| Version | Supported |
|---|---|
| MedCATService/1.x | ✅ |
| < 1.0 | ❌ |
Unless a project is explicitly stated in the previous section, all other projects in this monorepo are provided as-is for demonstration, testing, or experimentation purposes.
In terms of secuirty the unlisted projects are not intended for use with production data or in a live environment.
By using them, you acknowledge that:
- They are provided without warranties of any kind, express or implied, including but not limited to security, reliability, or suitability for a particular purpose.
- They may contain incomplete features, insecure defaults, or other issues that could compromise data or operations.
- The maintainers do not guarantee active support, monitoring, or security updates for these projects.
- You are solely responsible for reviewing, testing, and securing any code before use with sensitive or production data.
If you discover a security vulnerability, please do not open a public issue.
Instead, report it privately by using the GitHub Security Advisories for this repo
- Do not publicly disclose details of the vulnerability until we have released a fix.
- Do not attempt to exploit the vulnerability beyond what is necessary to demonstrate it.
- Provide as much detail as possible (affected versions, reproduction steps, etc.) to help us triage the issue quickly.