Security Policy
Supported Versions
Generally, the latest release will be supported. Nightly branches are never supported unless the author supports it
| Version | Supported |
|---|---|
| 1.0.0 | ❌ |
| 1.1.0 | ❌ |
| 1.1.1 | ✔️ |
| Any nightly branch | ❌ |
| ## Reporting a Vulnerability |
A vulnerability is currently defined as being able to get the session ID with only a mod that gets loaded after NoSession loads its tweaker.
Vulnerabilities that are out of scope are defined as those that NoSession itself cannot prevent.
However, if you can produce a patch for an out-of-scope vulnerability, a bug bounty will be awarded as well.
The bug bounty is a $5 USD Amazon Gift Card. I might run out, so it's awarded on a first come, first serve basis.
Report the bug bounty by sending a DM to PandaNinjas#3017 on Discord.
If you would like, you can encrypt the message with my public GPG key
Your bug bounty may be invalidated if you disclose it to the public before. You must be the first to report a vulnerability