Security.md file added #12460
+131
−21
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -32,6 +32,7 @@ repos: | |
| rev: "v2.5.0" | ||
| hooks: | ||
| - id: pyproject-fmt | ||
| language_version: python3.12 | ||
|
|
||
| - repo: local | ||
| hooks: | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| class KadaneAlgorithm: | ||
|
There was a problem hiding this comment. Please remove as we already have Kadane's algorithm. |
||
| """ | ||
| Kadane's Algorithm to find the maximum sum | ||
| of a contiguous subarray in a given array. | ||
|
|
||
| Time Complexity: O(n) | ||
| Space Complexity: O(1) | ||
|
|
||
| The function works efficiently with both positive and negative integers. | ||
|
|
||
| Usage: | ||
| >>> kadane = KadaneAlgorithm() | ||
| >>> kadane.max_subarray_sum([1, 2, 3, -2, 5]) | ||
| 9 | ||
| >>> kadane.max_subarray_sum([-1, -2, -3, -4]) | ||
| -1 | ||
| >>> kadane.max_subarray_sum([1, 2, 3, 4]) | ||
| 10 | ||
| >>> kadane.max_subarray_sum([10, -10, 20, -5, 10]) | ||
| 25 | ||
| """ | ||
|
|
||
| def __init__(self): | ||
|
There was a problem hiding this comment. Please provide return type hint for the function: There was a problem hiding this comment. The init method in the KadaneAlgorithm class doesn't return any value, so the correct type hint would be:
|
||
| pass | ||
|
|
||
| def max_subarray_sum(self, arr: list[int]) -> int: | ||
| """ | ||
| This function finds the maximum sum of a | ||
| contiguous subarray using Kadane's Algorithm. | ||
|
|
||
| :param arr: List of integers. | ||
| :return: Maximum sum of a contiguous subarray. | ||
|
|
||
| Raises: | ||
| ValueError: If the input array is empty. | ||
|
|
||
| >>> kadane = KadaneAlgorithm() | ||
| >>> kadane.max_subarray_sum([1, 2, 3, -2, 5]) | ||
| 9 | ||
| >>> kadane.max_subarray_sum([-1, -2, -3, -4]) | ||
| -1 | ||
| >>> kadane.max_subarray_sum([1, 2, 3, 4]) | ||
| 10 | ||
| >>> kadane.max_subarray_sum([10, -10, 20, -5, 10]) | ||
| 25 | ||
| """ | ||
| if not arr: | ||
| raise ValueError("Input array cannot be empty.") | ||
|
|
||
| max_sum = current_sum = arr[0] | ||
|
|
||
| for num in arr[1:]: | ||
| current_sum = max(num, current_sum + num) | ||
| max_sum = max(max_sum, current_sum) | ||
|
|
||
| return max_sum | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| # Security Policy | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| If you believe you've found a security vulnerability in **TheAlgorithms/Python**, please follow these steps to report it: | ||
|
|
||
| 1. **Do not open an issue or pull request**: To ensure that the vulnerability is handled responsibly and securely, please **do not create a public issue or PR**. This will allow us to address the issue in a secure manner before any information becomes public. | ||
|
|
||
| 2. **Contact the maintainers**: Send a detailed description of the vulnerability to **[[email protected]]**. Please include the following information: | ||
| - A description of the vulnerability. | ||
| - Steps to reproduce the issue, if applicable. | ||
| - Any relevant code or configuration files. | ||
| - Your contact details (optional). | ||
|
|
||
| If you don't have a direct contact, feel free to create a private email or open a responsible disclosure channel via GitHub Discussions, with a direct request to the maintainers. | ||
|
|
||
| 3. **Timeline for Response**: We strive to respond to all security reports within 48 hours. The severity of the issue may affect the response time. | ||
|
|
||
| ## Security Measures | ||
|
|
||
| - **Vulnerability Fixes**: Once a vulnerability is identified and reported, we will work to fix it as soon as possible. We will issue a patch release if necessary. | ||
| - **Security Advisory**: We will provide a public security advisory with the details of the vulnerability, once the patch has been released. This advisory will include steps for users to mitigate the issue. | ||
|
|
||
| ## Secure Coding Practices | ||
|
|
||
| We follow the best practices in secure coding to ensure our code is resilient against common security vulnerabilities, including but not limited to: | ||
| - Input validation and sanitization | ||
| - Secure handling of sensitive data (e.g., passwords, API keys) | ||
| - Proper encryption and decryption mechanisms | ||
| - Avoiding common vulnerabilities such as SQL injection, cross-site scripting (XSS), and buffer overflows | ||
|
|
||
| ## Data Handling | ||
|
|
||
| We recommend that contributors and users do not store sensitive data (such as passwords or private keys) in the repository. Any sensitive information should be handled securely, using appropriate encryption or key management tools. | ||
|
|
||
| ## Patching and Updates | ||
|
|
||
| We encourage contributors to regularly update dependencies to minimize security vulnerabilities in third-party libraries. | ||
|
|
||
| ## Additional Resources | ||
|
|
||
| For more information on secure coding practices and related resources, you can refer to: | ||
| - [OWASP Top 10](https://owasp.org/www-project-top-ten/) | ||
| - [CWE - Common Weakness Enumeration](https://cwe.mitre.org/) | ||
|
|
||
| ## Responsible Disclosure | ||
|
|
||
| We adhere to responsible disclosure practices and ask that any vulnerabilities be reported privately. We are committed to working with the security community to address any issues as quickly and efficiently as possible. | ||
|
|
||
| --- |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.