GitHub

Define and publish a policy for handling upstream library CVEs

Audacity should have an Upstream Library Vulnerability Policy that outlines how CVEs in third-party dependencies (like libcurl, ffmpeg, etc.) are assessed in relation to Audacity. A documented policy ...