rods/SECURITY.md
Conner Majic ce137dd1c2 docs: sync governance and validation with hardening pass
Update contributor, security, validation, and compute handoff documentation to reflect new runtime safeguards, CI gates, and expected regression checks.

Made-with: Cursor
2026-04-17 08:23:37 -06:00

Security policy

Supported versions

This repository is under active development. Security fixes land on the default branch (main) first.

Reporting a vulnerability

Please email the repository maintainers with:

  • a short description of the issue
  • steps to reproduce (if applicable)
  • affected component (solver-api, gui-ts, solver-c, Docker, etc.)

Do not open a public issue for undisclosed vulnerabilities.

Scope notes

  • The local API is intended for trusted development networks. Do not expose it to the public internet without hardening (TLS, auth, rate limits, reverse proxy).
  • Treat uploaded XML as untrusted input at API boundaries.
  • CORS_ORIGINS can be set to a comma-separated allowlist for browser clients; default behavior is permissive for local development.
  • For production-like deployments, disable runtime compiler dependencies and prebuild solver-c/solver_main and solver-c/solver_fea_main.