Skip to main content

Reporting a security issue

We take security very seriously and ask that you follow our security policy carefully.

Important! If you believe you've identified a security issue with Warehouse, DO NOT report the issue in any public forum, including (but not limited to):

  • Our GitHub issue tracker
  • Official or unofficial chat channels
  • Official or unofficial mailing lists

Instead, email security at python dot org directly, providing as much relevant information as possible.

Messages may be optionally encrypted with GPG using key fingerprints available at the Python Security page.

What happens next?

Once you've submitted an issue via email, you should receive an acknowledgment within 48 hours.

Depending on the action to be taken, you may receive further follow-up emails.


This security policy was last updated on March 14, 2018.

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page