Seguridad y privacidad

Truco

Para Weblate, la seguridad es mantener un entorno que valore la privacidad de los usuarios.

Development of Weblate adheres to the Best Practices of the Linux Foundation’s Core Infrastructure Initiative.

Ver también

Discovered a security issue in Weblate? Please read Reporting security issues.

Security updates

Only the latest release is guaranteed to receive security updates.

Búsqueda de vulnerabilidades en las dependencias

Security issues in our dependencies are monitored using Dependabot. This covers the Python and JavaScript libraries, and the latest stable release has its dependencies updated to avoid vulnerabilities.

Consejo

There might be vulnerabilities in third-party libraries which do not affect Weblate, so those are not addressed by releasing bugfix versions of Weblate.

Docker container security

The Docker containers are regularly scanned using Anchore and Trivy security scanners.

This allows us to detect vulnerabilities early and release improvements quickly.

You can get the results of these scans at GitHub — they are stored as artifacts on our CI in the SARIF format (Static Analysis Results Interchange Format).

Ver también

Integración continua