gogpu/gg is currently in early development (v0.x.x).
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1.0 | ❌ |
DO NOT open a public GitHub issue for security vulnerabilities.
Instead, please report security issues via:
-
Private Security Advisory (preferred): https://github.com/gogpu/gg/security/advisories/new
-
GitHub Discussions (for less critical issues): https://github.com/gogpu/gg/discussions
- Description of the vulnerability
- Steps to reproduce
- Affected versions
- Potential impact
- Initial Response: Within 72 hours
- Fix & Disclosure: Coordinated with reporter
gogpu/gg is a Pure Go 2D graphics library. Security considerations:
- Image Loading - Be cautious with untrusted image files (PNG/JPG parsing)
- File System - SavePNG/SaveJPG write to specified paths
- Memory - Large canvases allocate significant memory
- GitHub Security Advisory: https://github.com/gogpu/gg/security/advisories/new
- Public Issues: https://github.com/gogpu/gg/issues
Thank you for helping keep gogpu/gg secure!