| Version | Supported |
|---|---|
| 4.x | Yes |
| 3.x and earlier | No |
If you discover a security vulnerability in Radia, please report it responsibly.
Do NOT open a public issue.
Instead, contact the maintainers privately:
- Contact: Open a private security advisory on GitHub
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgement: Within 7 days
- Assessment: Within 14 days
- Fix release: Depends on severity
This policy covers:
- The Radia Python package (
radia) - The
radia-mcpandcubit-mesh-exportpackages in this monorepo - C++ core library (
src/core/) - Build scripts and CI/CD workflows
- Example scripts (if they demonstrate insecure patterns)
- Radia uses Intel MKL shared libraries (
mkl_rt.dll). MKL internally depends onlibiomp5md.dll(Intel OpenMP). Ensure these are obtained from official Intel channels. - The
_radia_pybind.pydbinary is distributed via GitHub Releases. Verify checksums when downloading pre-built binaries.