This project is not actively maintained and the authors make no claims about its security. See:
The system has the following entry points for dependencies:
- Dockerfile
- devcontainer.json, covering both
extensionsandfeatures - pyproject.toml
When submitting a PR to edit dependencies, you must also update the threat model with an argument for why the dependency is reasonable to trust and why its benefits outweigh the risks. See the dependency management sections in the THREAT_MODEL.md for details.
Feel free to:
- Create a PR and fix it
- Contact us at hello@titaniumbirch.com