# Security Policy

## Supported Versions

We always provide security updates for the [latest release](https://github.com/minio/minio/releases/latest).
Whenever there is a security update you just need to upgrade to the latest version.

## Reporting a Vulnerability

All security bugs in [minio/minio](https://github,com/minio/minio) (or other minio/* repositories)
should be reported by email to ******@****.***. Your email will be acknowledged within 48 hours,

                    .desc("Launch the Maven Encryption tool (script option).")
                    .get());
            options.addOption(Option.builder()
                    .longOpt(UPGRADE)
                    .desc("Launch the Maven Upgrade tool (script option).")
                    .get());
            options.addOption(Option.builder()
                    .longOpt(SHELL)

You should add tests for your app.

With **FastAPI** it's very easy (thanks to Starlette), check the docs: [Testing](../tutorial/testing.md){.internal-link target=_blank}

After you have tests, then you can upgrade the **FastAPI** version to a more recent one, and make sure that all your code is working correctly by running your tests.

        if: matrix.ldap == 'ldaphost:389'
        env:
          _MINIO_LDAP_TEST_SERVER: ${{ matrix.ldap }}
        run: |
          make test-iam-ldap-upgrade-import
      - name: Test LDAP for automatic site replication
        if: matrix.ldap == 'localhost:389'
        run: |
          make test-site-replication-ldap
      - name: Test OIDC for automatic site replication

  maven occur, the maven inheritance model must be pinned against a particular
  modelVersion. This is required so that a change from modelVersion 4.0.0 to
  4.1.0 doesn't cause compatibility problems with users who have not upgraded
  their projects. It also allows for a certain amount of legacy support into the
  future. Therefore, we should rename this file from pom.xml in the maven-core

///

<details>
<summary>Dockerfile-Vorschau 👀</summary>

```Dockerfile
FROM python:3.9

WORKDIR /code

COPY ./requirements.txt /code/requirements.txt

RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt

COPY ./app /code/app

CMD ["fastapi", "run", "app/main.py", "--port", "80"]

# Wenn Sie hinter einem Proxy wie Nginx oder Traefik sind, fügen Sie --proxy-headers hinzu

///

<details>
<summary>Visualização do Dockerfile 👀</summary>

```Dockerfile
FROM python:3.9

WORKDIR /code

COPY ./requirements.txt /code/requirements.txt

RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt

COPY ./app /code/app

CMD ["fastapi", "run", "app/main.py", "--port", "80"]

# Se estiver executando atrás de um proxy como Nginx ou Traefik, adicione --proxy-headers

  /** The HTTP {@code Upgrade} header field name. */
  public static final String UPGRADE = "Upgrade";

  /**
   * The HTTP <a href="https://w3c.github.io/webappsec-upgrade-insecure-requests/#preference">{@code
   * Upgrade-Insecure-Requests}</a> header field name.
   *
   * @since 28.1
   */
  public static final String UPGRADE_INSECURE_REQUESTS = "Upgrade-Insecure-Requests";

<div class="termy">

```console
$ python -m pip install --upgrade pip

---> 100%
```

</div>

/// tip | Подсказка

Иногда при попытке обновить pip вы можете получить ошибку **`No module named pip`**.

Если это произошло, установите и обновите pip с помощью команды ниже:

<div class="termy">

```console
$ python -m ensurepip --upgrade

---> 100%
```

</div>

errors.no_user_for_changing_password=Das aktuelle Passwort ist nicht korrekt.
errors.failed_to_change_password=Fehler beim Ändern Ihres Passworts.
errors.unknown_version_for_upgrade=Unbekannte Version für Upgrade.
errors.failed_to_upgrade_from=Fehler beim Upgrade von {0}.
errors.failed_to_reindex=Fehler beim Starten der Neuindizierung von {0} nach {1}.
errors.failed_to_read_request_file=Fehler beim Lesen einer Anforderungsdatei: {0}