As much as possible, AutoGluon relies on automated tools to do security scanning. In particular, we support:

1. Dependency Analysis: Using Dependabot
2. Docker Scanning: Using Snyk
3. Code Analysis: Using CodeGuru

Report any security vulnerabilities to [email protected]. This email directly links to the Autogluon security maintenance team. Once the security vulnerability is confirmed, we will work privately on a patch, aiming to produce a dedicated bugfix release as swiftly as complexity allows.