| Version | Supported |
|---|---|
| 0.7.x | ✅ |
| < 0.7 | ❌ |
RRational is a desktop application for HRV analysis that processes local files. It does not:
- Connect to external servers (except for Streamlit's built-in features)
- Store or transmit user data externally
- Require authentication
- Do NOT open a public issue for security vulnerabilities
- Email the maintainers directly with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Allow reasonable time for a fix before public disclosure
- Code execution vulnerabilities
- Data exposure risks
- Dependency vulnerabilities with known exploits
- Vulnerabilities requiring physical access to the machine
- Issues in dependencies without known exploits
- Theoretical attacks without practical impact
- Keep RRational updated (
git pull && uv sync) - Don't run RRational with elevated privileges
- Keep your HRV data in project folders (not system directories)