Optimize the pool lock to session key lock

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,27 @@
+---
+name: 🐛 Bug Report
+about: Create a report to help us improve netdriver
+title: '[Bug]: '
+labels: 'bug'
+assignees: ''
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps or code snippets to reproduce the behavior:
+1. Connection protocol used (e.g., SSH) '...'
+2. Device info (e.g., Cisco ASA 9.6.0)
+3. Code snippet executed '...'
+4. The resulting error '...'
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Logs/Traceback**
+If applicable, add full logs or tracebacks to help explain your problem. **(Note: Please mask any passwords, keys, public IP addresses, or sensitive configurations)**
+
+```text
+# Paste code or logs here
+```

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,19 @@
+---
+name: 💡 Feature Request
+about: Suggest an idea or new device support for netdriver
+title: '[Feature]: '
+labels: 'enhancement'
+assignees: ''
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. "I'm always frustrated when I can't directly parse the configuration output of [Specific Vendor] devices..."
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen. Providing expected API usage or pseudocode is highly appreciated.
+
+```python
+# Expected API design example
+device = netdriver.connect(...)
+result = device.do_something_new()
+```

.vscode/settings.json

@@ -10,31 +10,13 @@
         "**/.pytest_cache": true,
         ".venv": true,
     },
+    "python.defaultInterpreterPath": "${workspaceFolder}/.venv/bin/python",
     "python.analysis.autoImportCompletions": true,
-    "python.analysis.extraPaths": [
-        "${workspaceFolder}/bases",
-        "${workspaceFolder}/components",
-        "${workspaceFolder}/development"
-    ],
     "python.autoComplete.extraPaths": [
-        "${workspaceFolder}/bases",
-        "${workspaceFolder}/components",
-        "${workspaceFolder}/development"
-    ],
-    "pylint.args": [
-        "--disable=C0114",
-        "--disable=C0115",
-        "--disable=C0116",
-        "--disable=C0209",
-        "--disable=C0301",
-        "--disable=C0415",
-        "--disable=W0221",
-        "--disable=W0613",
-        "--disable=W0718",
-        "--disable=W1203",
-        "--disable=R0903",
-        "--disable=E1101",
+        "${workspaceFolder}/packages",
     ],
+    "python.testing.pytestEnabled": true,
+    "python.testing.unittestEnabled": false,
     "python.testing.pytestArgs": [
         "-s",
         "-v",
@@ -43,7 +25,4 @@
         "packages/agent/tests",
         "packages/core/tests",
     ],
-    "python.testing.unittestEnabled": false,
-    "python.testing.pytestEnabled": true,
-    "python.defaultInterpreterPath": ".venv/bin/python3"
 }

SECURITY.md

@@ -0,0 +1,61 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported |
+| ------- | --------- |
+| 0.4.x   | Yes       |
+| < 0.4   | No        |
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in NetDriver, **please do not open a public GitHub issue**.
+
+Instead, report it via one of the following channels:
+
+- **Email**: Send details to the maintainers at the addresses listed in `pyproject.toml`
+- **GitHub Private Advisory**: Use [GitHub Security Advisories](https://github.com/features/security-advisories) on this repository
+
+Please include the following in your report:
+
+- A description of the vulnerability and its potential impact
+- Steps to reproduce the issue
+- Affected versions
+- Any suggested mitigations or patches (if available)
+
+We aim to acknowledge receipt within **3 business days** and provide an initial assessment within **7 business days**.
+
+## Security Considerations
+
+NetDriver interacts with network devices over SSH and exposes a REST API. When deploying this project, consider the following:
+
+### Credentials and Secrets
+
+- Device credentials (username/password) are passed via API requests. Use TLS/HTTPS in all deployments to prevent credential exposure in transit.
+- Do not log credentials. The agent configuration should be reviewed to ensure no sensitive fields appear in log output.
+- Rotate device credentials regularly and restrict API access to trusted clients.
+
+### API Authentication
+
+- The agent HTTP API does **not** include built-in authentication. Deploy it behind an API gateway, reverse proxy, or firewall that enforces authentication and authorization appropriate for your environment.
+- Restrict network access to the agent port (default: 8000) to trusted hosts only.
+
+### SSH Host Verification
+
+- By default, AsyncSSH may be configured to skip host key verification for convenience. In production, enable strict host key checking to prevent man-in-the-middle attacks.
+
+### Plugin Code Execution
+
+- Plugins are loaded dynamically from the `components/netdriver/plugins/` directory at startup. Ensure that only trusted code is present in the plugin directories and that the deployment environment has appropriate file system permissions.
+
+### Simulated Devices (simunet)
+
+- The `simunet` SSH server is intended for **testing purposes only**. Do not expose it on public networks or use it in production environments.
+
+## Disclosure Policy
+
+We follow a coordinated disclosure process. Once a fix is available, we will:
+
+1. Release a patched version
+2. Publish a security advisory describing the vulnerability, its impact, and the fix
+3. Credit the reporter (unless they prefer to remain anonymous)

packages/agent/src/netdriver_agent/api/rest/__init__.py

@@ -1,8 +1,9 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 from fastapi import APIRouter
+from netdriver_agent.api.rest import v1
 from netdriver_agent.api.rest.v1 import router as _router
 
 
-router = APIRouter(prefix='/api')
+router = APIRouter(prefix="/api")
 router.include_router(_router)

packages/agent/src/netdriver_agent/api/rest/v1/__init__.py

@@ -1,7 +1,8 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 from fastapi.routing import APIRouter
+from netdriver_agent.api.rest.v1 import api  # noqa: F401
 from netdriver_agent.api.rest.v1.api import router as cmd_router
 
-router = APIRouter(prefix='/v1', tags=['v1'])
+router = APIRouter(prefix="/v1", tags=["v1"])
 router.include_router(cmd_router)