You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: security.md
+10Lines changed: 10 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,3 +12,13 @@ Report security bugs in third-party modules to the person or team maintaining th
12
12
## Learning More About Security
13
13
14
14
To learn more about securing your applications with Contrast, please see the [our docs](https://docs.contrastsecurity.com/?lang=en).
15
+
16
+
## "BREAK GLASS" In case of emergency
17
+
18
+
_Compromised library:_
19
+
20
+
In the event that a library that SmartFix uses is found to be compromised (like the LiteLLM hack):
21
+
- Update `src/requirements.txt` to list an uncompromised version of the library
22
+
- Regenerate `src/requirements.lock` with `uv pip compile src/requirements.txt ... -o src/requirements.lock` and inspect it to ensure it doesn't include a compromised version
23
+
- Verify that the SmartFix workflow functions properly against one of our test applications to fix a Contrast vulnerability
24
+
- Release the updated version of SmartFix by following these instructions: https://contrast.atlassian.net/wiki/spaces/ARCH/pages/4215046180/SmartFix+Action+Releasing+notes
0 commit comments