The following table shows which versions of piano are currently being supported with security updates.

We only provide security updates and fixes for the latest code on the main branch.

If you discover a security vulnerability within this project, please help us keep the community safe by following these steps:

• Provide as much detail as possible:
  • A clear description of the vulnerability
  • Steps to reproduce the issue
  • The potential impact
  • Any suggested fixes or mitigations

• Always pull the latest image or rebuild the environment to ensure patched dependencies.
• Avoid exposing ports publicly unless necessary.
• Use strong passwords and secrets when connecting to external resources.
• Regularly update Python packages and system dependencies.

We deeply appreciate the efforts of security researchers and contributors who help us improve the security of piano.