If a security vulnerability is identified in TicTaaC please open an issue and/or submit a PR to resolve the identified vulnerability.
The team is very responsive to reported vulnerabilities - reported issues must be resolved in 30 days or less.
Note - there are several vulnerable test dependencies and test resources. These are never executed or included in a release; these vulnerable resources are present so that the functionality of TicTaaC can be tested.