github/langchain
1
0
Fork 0
mirror of https://github.com/hwchase17/langchain.git synced 2025-07-19 19:11:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: update SECURITY.md (#32060)

Browse Source 
Made minor changes, making it neat
This commit is contained in:
Krishna Somani 2025-07-16 19:50:59 +05:30 committed by GitHub
parent c133eff6c8
commit e2dc36b126
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
SECURITY.md
View File

@ -31,15 +31,13 @@ LangChain is partnered with [huntr by Protect AI](https://huntr.com/) to provide
a bounty program for our open source projects. a bounty program for our open source projects.
Please report security vulnerabilities associated with the LangChain Please report security vulnerabilities associated with the LangChain
open source projects by visiting the following link: open source projects [here](https://huntr.com/bounties/disclose/?target=https%3A%2F%2Fgithub.com%2Flangchain-ai%2Flangchain&validSearch=true).
[https://huntr.com/bounties/disclose/](https://huntr.com/bounties/disclose/?target=https%3A%2F%2Fgithub.com%2Flangchain-ai%2Flangchain&validSearch=true)
Before reporting a vulnerability, please review: Before reporting a vulnerability, please review:
1) In-Scope Targets and Out-of-Scope Targets below. 1) In-Scope Targets and Out-of-Scope Targets below.
2) The [langchain-ai/langchain](https://python.langchain.com/docs/contributing/repo_structure) monorepo structure. 2) The [langchain-ai/langchain](https://python.langchain.com/docs/contributing/repo_structure) monorepo structure.
3) The [Best practices](#best-practices) above to 3) The [Best Practices](#best-practices) above to
understand what we consider to be a security vulnerability vs. developer understand what we consider to be a security vulnerability vs. developer
responsibility. responsibility.
@ -64,7 +62,7 @@ All out of scope targets defined by huntr as well as:
bounties. This includes the following directories bounties. This includes the following directories
- libs/langchain/langchain/tools - libs/langchain/langchain/tools
- libs/community/langchain_community/tools - libs/community/langchain_community/tools
- Please review the [best practices](#best-practices) - Please review the [Best Practices](#best-practices)
for more details, but generally tools interact with the real world. Developers are for more details, but generally tools interact with the real world. Developers are
expected to understand the security implications of their code and are responsible expected to understand the security implications of their code and are responsible
for the security of their tools. for the security of their tools.