Security and privacy¶
At Weblate, security maintains an environment that values the privacy of our users.
Weblate development follows the Best Practices of the Linux Foundation’s Core Infrastructure Initiative.
Tracking dependencies for vulnerabilities¶
There might be vulnerabilities in third-party libraries which do not affect Weblate, and we do not address these in a bugfix release.
Docker containers security¶
This allows us to detect vulnerabilities early and release an updated version of the container containing fixes.
You can get the results of these scans at GitHub - they are stored as artifacts on our CI as Static Analysis Results Interchange Format (SARIF).