Please report security issues by emailing pythonliquid22@gmail.com.

Normal issues, without security implications, should be reported to the issue tracker. If you believe you've found an issue with Python Liquid that does have security implications, please send a description of the issue, including code necessary to reproduce it, to pythonliquid22@gmail.com.

You will receive an email acknowledging receipt of the issue within no more than 48 hours (probably less). We aim to release fixes for security issues within 1 week of initial disclosure. Longer if more information is required, in which case you'll be contacted with a request for further details.

At any point in time, the last two (at least) major versions of Python Liquid will receive security updates for at least three years after initial release.

Older (not the latest), minor releases do not officially receive security updates, but might be available upon request.