Skip to content

Security: rixrix/deskop-nano-cortex

Security

SECURITY.md

Security Policy

Reporting a vulnerability

Report vulnerabilities privately via GitHub Security Advisories. Do not open a public issue for security problems.

This is a solo-maintainer project: reports are handled best-effort, and there is no bug-bounty program.

Supported versions

Current supported line: 1.0.x. Only the newest 1.0.x release receives fixes. Update to the newest version before reporting.

Logs and captures

BLE/USB reverse-engineering captures and diagnostic logs are often useful in reports — but scrub them first. Do not attach anything containing personal secrets (tokens, paths revealing private data, credentials). The logs/ directory is gitignored for a reason; treat its contents as potentially sensitive before sharing.

There aren't any published security advisories