| Version | Supported |
|---|---|
| 0.1.x (alpha) | ✅ |
Note: Emo-Lang is in alpha status. Use in production environments is not recommended.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please email: security@thetempleoftwo.com
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if known)
- Acknowledgment: Response within 48 hours
- Investigation: We will assess severity and impact
- Resolution: Security patch release with credit to reporter (unless anonymous preferred)
- Emo-Lang executes .emo programs as Python code
- Never run untrusted .emo files — they could contain malicious code
- Review all .emo programs before execution
- Consider running in sandboxed environments (Docker, VMs) when testing untrusted code
- Malicious Unicode sequences could potentially crash the parser
- If you encounter parsing issues with untrusted input, please report them
- The emotion-to-code transmuter generates executable code from text input
- Review generated code before execution
- Do not use with untrusted user input in production
- Keep dependencies updated:
pip install --upgrade -r requirements.txt - Emo-Lang is experimental — expect security issues in alpha
- Sandbox execution: Run .emo programs in isolated environments
- Code review: Always review .emo code before execution
- Input validation: Sanitize inputs if accepting .emo programs from users
- Regular updates: Keep Emo-Lang and dependencies up to date
We appreciate security researchers. Please:
- Give us reasonable time to fix vulnerabilities before public disclosure
- We will work with you on coordinated disclosure
- We will credit you in release notes (if desired)
Thank you for helping improve Emo-Lang security!