If you discover a security vulnerability in Dfetch, please let us know right away and don't post a public issue. You can report issues by opening a confidential issue via GitHub Security Advisories. See GitHub's private vulnerability reporting for more info. If you have no contact please contact us through the mail listed in the pyproject.toml.

We appreciate your help in keeping Dfetch safe for everyone. We aim to respond to security reports within 5 business days.

We actively maintain and patch the latest release of Dfetch. Older versions may not receive security updates.

We ask that you give us a reasonable amount of time to address security issues before public disclosure. We will keep you updated on our progress and let you know when the issue has been resolved.

Thank you to everyone who helps keep Dfetch secure! We’re grateful for responsible disclosures and contributions from the community.